Tether Blacklists MEV Bots Exploiter ‘Sandwich the Ripper’ After ‘Official Requests’

The exploiter has since moved their USDC to a different wallet

April 11, 2023 01:24 pm

Antonio Bernad Lafuente/Shutterstock modified by Blockworks

Tether, a centralized entity behind popular stablecoin USDT, has blacklisted an Ethereum validator who had front-run MEV bots, earning $25 million via a sandwich attack.

The exploiter, who called themselves “Sandwich the Ripper,” will no longer be able to receive, send or redeem the $3 million worth of USDT held in their address.

Newsletter

Subscribe to Blockworks Daily

Tether’s decision to blacklist the exploiter has drawn criticism from industry participants.

Uri Klarman, the CEO of bloXrouteLabs, told Blockworks in an interview that the exploiter did exactly what a sandwich bot would do.

“It didn’t hurt the consensus, it didn’t create two blocks at the same time, it gave them an invalid block that didn’t propagate,” Klarman said.

This is similar to what front-running MEV bots do — the only difference, Klarman said, was that it took money from the searcher in a way that they did not anticipate.

“We don’t do this to others, but this guy managed to trick the searchers and somehow they get blacklisted…it’s a really bad precedent,” Klarman said.

In response to why the company had decided to blacklist the attacker, a Tether spokesperson told Blockworks that “Tether routinely works with law enforcement agencies around the world as part of our commitment to cooperation, transparency, and accountability.”

Tether has not specified which official entity requested them to blacklist “Sandwich the Ripper” but noted that “we respect official requests to temporarily freeze funds and are proud of our role as industry leaders in promoting cooperation between industry and government authorities.”

“Sandwich the Ripper” has since moved their USDC to a different wallet, a tweet by umbrella_uni noted “Most likely to circumvent USDC blacklist as Circle would have to blacklist all ‘lent’ USDC deposits.”

Loading Tweet..

Get the news in your inbox. Explore Blockworks newsletters:

Blockworks Daily: Unpacking crypto and the markets.
Empire: Crypto news and analysis to start your day.
Forward Guidance: The intersection of crypto, macro and policy.
0xResearch: Alpha directly in your inbox.
Lightspeed: All things Solana.
The Drop: Apps, games, memes and more.
Supply Shock: Bitcoin, bitcoin, bitcoin.

Tags

Newsletter

Blockworks Daily

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy tickets learn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy tickets learn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

learn more

recent research

Research

Ethena: Evolving into an Institutional DeFi Chain

Ethena Labs is leaping from its flagship synthetic dollar, USDe, to a full product suite—USDtb, iUSDe, and the Arbitrum-based Converge Chain—designed to marry crypto-native yields with TradFi-grade compliance. Our analysis shows how expanding into CME, ETF options, and tokenized Treasuries could lift protocol revenue from sub-$500 million in a bear case to several billion dollars if favorable regulation and institutional adoption align.

by Daniel Shapiro