Tether Blacklists MEV Bots Exploiter ‘Sandwich the Ripper’ After ‘Official Requests’

The exploiter has since moved their USDC to a different wallet

by Bessie Liu /
article-image

Antonio Bernad Lafuente/Shutterstock modified by Blockworks

share

Tether, a centralized entity behind popular stablecoin USDT, has blacklisted an Ethereum validator who had front-run MEV bots, earning $25 million via a sandwich attack.

The exploiter, who called themselves “Sandwich the Ripper,” will no longer be able to receive, send or redeem the $3 million worth of USDT held in their address.

Tether’s decision to blacklist the exploiter has drawn criticism from industry participants. 

Newsletter

Subscribe to The Breakdown

Uri Klarman, the CEO of bloXrouteLabs, told Blockworks in an interview that the exploiter did exactly what a sandwich bot would do.

“It didn’t hurt the consensus, it didn’t create two blocks at the same time, it gave them an invalid block that didn’t propagate,” Klarman said.

This is similar to what front-running MEV bots do — the only difference, Klarman said, was that it took money from the searcher in a way that they did not anticipate. 

“We don’t do this to others, but this guy managed to trick the searchers and somehow they get blacklisted…it’s a really bad precedent,” Klarman said. 

In response to why the company had decided to blacklist the attacker, a Tether spokesperson told Blockworks that “Tether routinely works with law enforcement agencies around the world as part of our commitment to cooperation, transparency, and accountability.”

Tether has not specified which official entity requested them to blacklist “Sandwich the Ripper” but noted that “we respect official requests to temporarily freeze funds and are proud of our role as industry leaders in promoting cooperation between industry and government authorities.”

“Sandwich the Ripper” has since moved their USDC to a different wallet, a tweet by umbrella_uni noted “Most likely to circumvent USDC blacklist as Circle would have to blacklist all ‘lent’ USDC deposits.”

Loading Tweet..

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research Report Templates.jpg

Research

Tokenize, Trade, Expand: The Figure Thesis

Figure, founded by former SoFi CEO Mike Cagney, has emerged as a leader in onchain RWAs, with ~$17.5B publicly tokenized. The platform’s ecosystem volume is growing ~40% YoY as it expands beyond HELOCs into student loans, DSCR loans, unsecured loans, bankruptcy claims, and more. Operationally, Figure cuts average loan production cost by ~93% and compresses median funding time from ~42 days to ~10, creating a durable speed-and-cost advantage.

by Marc-Thomas Arjoon, CFA

/

news

article-image

Business

Tether enters US market with USAT stablecoin

Former White House crypto official Bo Hines is expected to be the CEO of the new project

by Jack Kubinec&Katherine Ross /
article-image

The Breakdown

Thursday links: Overpriced debt, community-approved stables and Justin Sun

In bonds, stablecoins and billionaires, a reminder of what makes crypto special

by Byron Gilliam /
article-image

Forward Guidance Newsletter

What’s next for crypto markets as Fed rate cut expectation holds?

21Shares exec says CPI and PPI data supports a Fed rate cut, with market leaning toward a 25bps decrease

by Ben Strack /
article-image

The DropWeb3

Consensys CEO Joe Lubin hints at future LINEA perks

The Ethereum co-founder suggested LINEA holders would be eligible for other airdrops in cryptic tweet

by Kate Irwin /
article-image

DeFi

Starknet’s Grinta upgrade is massive, but arrived with turbulence

The layer-2’s biggest release yet brings benefits — but a post-upgrade outage caused a chain reorg

by Macauley Peterson /
article-image

0xResearch NewsletterMarkets

Respect the PUMP: Crypto’s emerging meme season

Crypto is shifting into risk-on mode — pump.fun dominates meme activity, while Lido leans on treasury maneuvers

by Kunal Doshi&Shaunda Devens /