New research shows that sandwich attacks on Ethereum drained nearly $40 million from users in 2025, yet the total value extracted has fallen dramatically even as decentralized exchange (DEX) volumes climbed from $65 billion to over $100 billion per month.
The findings, based on EigenPhi data, reveal a surprising disconnect between attack profitability and trading activity.
Extraction Collapses but Attack Frequency Stays High
Monthly sandwich extraction fell from about $10 million in late 2024 to just $2.5 million by October 2025. However, the number of attacks remains elevated, hovering between 60,000 and 90,000 per month. The chart shows this divergence clearly: yellow bars representing extraction shrink month after month, while purple DEX volume lines rise sharply through mid-2025 before easing slightly.
Low-Volatility Pools Become Prime Targets
One of the most concerning trends is where attackers are focusing their activity. According to the research:
- •38% of attacks targeted low-volatility pools such as stablecoins and wrapped assets.
- •12% hit stable swaps, where unexpected slippage can cause outsized user losses.
These pools traditionally offer predictable pricing, making sudden sandwich-induced slippage particularly damaging for unsuspecting traders.
Profitability Shrinks to Just $3 Per Attack
Average profit per sandwich attack sits at approximately $3, a dramatic drop from prior years. Only six attackers were able to generate more than $10,000 total profit in 2025, suggesting that MEV competition, rising transaction fees, and improved user protections are compressing margins across the board.
The chart confirms this trend with the grey bars, representing total profit, remaining barely visible compared to prior peaks.
Is MEV Protection Finally Working?
With extraction falling despite steady attack frequency and rising DEX activity, researchers are asking whether the Ethereum ecosystem is witnessing broader adoption of MEV-protection tools.
The emergence of solutions like private transaction relays, intent-based trading, and protected RPCs may be reducing exploitable opportunities even as overall trading activity surges.
The latest data suggests a changing landscape: sandwich attacks remain common, but they are significantly less profitable, an early sign that MEV defenses may be gaining real traction across Ethereum’s user base.