Key Highlights
- Joint effort led by protocols like Marinade Finance and Jito has successfully helped the ecosystem to counter Sandwich attacks, which were exploiting retail traders
- Marinade Finance identified and removed bad actors from its delegation system by blacklisting 50 malicious validators
On December 23, Marinade Finance, a leading non-custodial liquid staking protocol on the Solana blockchain, shared a post on X (formerly Twitter), in which it announced that coordinated efforts across the network have greatly reduced the impact of danger “sandwich attacks.”
Sandwich attacks extracted between $370–$500 million over the past 16 months.
Fortunately, in 2025 the ecosystem took action…👇
We blacklisted 50+ malicious validators to protect $2 billion of delegated stake. Additionally, @jito_sol and @SolanaFndn fought back too bringing… pic.twitter.com/Br8wkvVfSA
— Marinade 🛡️ (@MarinadeFinance) December 23, 2025
According to the post, these sandwich attacks have siphoned between $370–$500 million over the period of the last 16 months.
These exploitative attacks have been a major problem on decentralized exchanges that run on high-speed blockchain networks like Solana.
What are Sandwich Attacks
A sandwich attack is a type of exploitation in decentralized finance. In this attack, a perpetrator, generally a validator or an automated bot, locates a large pending trade from a regular user.
After that, the attacker quickly places a buy order right before that user’s trade goes through, which increases the asset’s price. Then, immediately after the user’s trade executes at the worst price, the attacker sells the asset to profit from the artificial price movement.
This attack smartly “sandwiches” the victim’s transaction, stealing value and leaving the user with a worse deal.
On Solana, these attacks became common and frequent because the network is very fast and has low transaction fees. This speed allows malicious validators who are responsible for ordering transactions into blocks to manipulate the sequence for profit. Sometimes, they also use customized software or private channels to see transactions before the public does.
How the Solana Community and Marinade Finance Fought Back
According to Marinade Finance, these sandwich bots stole substantial value from users between January 2024 and May 2025. However, 2025 has witnessed a change in this trend due to proactive measures from major players in the Solana ecosystem.
Marinade Finance has taken direct action by blacklisting over 50 malicious validators. It identified these validators using on-chain analysis and specialized tools from firms like Ghostlogs. This helped them to protect $2 billion worth of user stake that was delegated through the platform.
“Sandwich attacks extracted between $370-500 million from Solana users over 16 months, with research from Sandwich.me revealing that 0.72% of all blocks contained sandwich attacks. Some validators saw exploitation in up to 27% of their produced blocks,” stated on the official website.
“The ecosystem’s coordinated response in 2025 reduced sandwich attack profitability by approximately 60-70%. Jito Foundation shutdown their public mempool in March, removing the easiest attack vector. Solana Foundation removed malicious validators from delegation programs, while staking protocols took direct action. Marinade Finance blacklisted 50+ validators participating in sandwich attacks across their Stake Auction Marketplace, protecting over $2 billion in delegated stake,” the report stated.
The protocol also introduced better detection methods, penalties for bad behavior, and a feature called “Marinade Select.” This helped them to create a verified validator that users can delegate to with more confidence.
To protect the community, Jito, the leading MEV infrastructure provider on Solana, has made a major contribution. It implemented governance proposals to blacklist harmful validators and enhanced its own systems to control this activity. These new improvements by Jito already helped reduce network spam, and its targeted blacklists added another layer of protection.
Apart from this, the Solana Foundation has also played a very important role. It removed validators from its official delegation program if they were found participating in activities that allow sandwich attacks.
These proactive efforts have helped the Solana ecosystem to reduce user complaints about front-running and excessive price slippage. This shows that user protections are improving across Solana’s decentralized exchanges.
Also Read: Solana-Based Lifinity To Shut Down, Return $43.4M To Token Holders
