
Coinbase lost approximately $300,000 because of a misconfiguration in how it interacted with the 0x protocol’s swapper contract. The lapse allowed MEV bots to drain funds directly from a corporate wallet owned by Coinbase.
Key Points:
- Coinbase’s chief security officer Philip Martin confirmed no customer funds were compromised during the exploit.
- The exploit resulted from approving tokens to a swapper contract that was not designed to hold token allowances; because the contract was exposed, MEV bots were able to drain the wallet immediately after the approvals were granted.
MEV, or maximal extractable value, is the profit that bots extract from cryptocurrency transactions by front-running or reordering them. The exploit was flagged by security researcher deeberiroz, and it shows that even top-tier exchanges are exposed to sophisticated automated trading bots.
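As an added illustration (not code from the original report, from 0x or from Coinbase), the following Python audits ERC-20 `Approval` event logs for a treasury wallet and flags approvals granted to any spender that is not on an allowlist of contracts designed to hold allowances, plus unlimited approvals to anyone. The wallet, contract and token addresses and the log entries are constructed placeholders; only the `Approval` topic hash is the real ERC-20 value.

```python
from dataclasses import dataclass

# keccak256("Approval(address,address,uint256)"): the standard ERC-20 Approval topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1

@dataclass
class Finding:
    token: str
    spender: str
    value: int
    reason: str

def topic_to_address(topic: str) -> str:
    return "0x" + topic[-40:].lower()  # an indexed address is the low 20 bytes of the topic

def audit_approvals(logs, treasury_wallets, allowance_holders):
    """Flag Approval events for treasury wallets whose spender is not a contract
    designed to hold allowances, plus unlimited approvals to any spender."""
    treasury = {w.lower() for w in treasury_wallets}
    allowed = {a.lower() for a in allowance_holders}
    findings = []
    for log in logs:
        if log["topics"][0].lower() != APPROVAL_TOPIC:
            continue
        owner = topic_to_address(log["topics"][1])
        spender = topic_to_address(log["topics"][2])
        value = int(log["data"], 16)
        if owner not in treasury or value == 0:
            continue  # someone else's wallet, or a revocation: nothing to flag
        if spender not in allowed:
            findings.append(Finding(log["address"].lower(), spender, value,
                                    "approval to a spender not designed to hold allowances"))
        elif value == UNLIMITED:
            findings.append(Finding(log["address"].lower(), spender, value, "unlimited approval"))
    return findings

# Constructed sample with placeholder addresses: HOLDER stands for a contract meant
# to hold allowances; SWAPPER for a settlement contract that must never be approved.
TREASURY, HOLDER, SWAPPER, TOKEN = ("0x" + d * 40 for d in "1234")

def pad(addr: str) -> str:  # encode an address as a 32-byte indexed topic
    return "0x" + addr[2:].rjust(64, "0")

SAMPLE_LOGS = [  # 6-decimal token amounts; "data" is the ABI-encoded approval value
    {"address": TOKEN, "topics": [APPROVAL_TOPIC, pad(TREASURY), pad(SWAPPER)], "data": hex(300_000 * 10**6)},
    {"address": TOKEN, "topics": [APPROVAL_TOPIC, pad(TREASURY), pad(HOLDER)], "data": hex(UNLIMITED)},
    {"address": TOKEN, "topics": [APPROVAL_TOPIC, pad(TREASURY), pad(HOLDER)], "data": hex(1_000 * 10**6)},
]

def run_sample():
    return audit_approvals(SAMPLE_LOGS, [TREASURY], [HOLDER])
```

Run against a node's `eth_getLogs` output filtered on the treasury address in the owner topic, the same check turns an exposed-contract approval into an alert before a bot can act on it.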
“Looks like @coinbase was recently drained of ~$300,000 after using @0xProject swapper incorrectly… The bots simply waited for a high-value wallet to grant spending rights to an exposed contract, then executed the drain immediately.” - deeberiroz