eth-infinitism / account-abstraction


😔 beneficiary attack

powerttt opened this issue

When the bundler executes Entrypoint.handleOps, hackers can get their transaction in first by raising the gas price of the original transaction, for example from a normal 3 gwei to 3.01 gwei after monitoring it, and set the beneficiary to their own address so that they get the BNB.

The original transaction initiated by the user: 0xf9cf601f3f4a2f3ba9306aea7129175fd1c1b1fe0f9d18b0513cc281d1edabc0, this was replaced, so it failed.

The setting is 4 gwei, and the initiator is 0xca6618e67f8220a68f1c3b5f560fcc938f7ee306,
beneficiary set to 0xca6618e67f8220a68f1c3b5f560fcc938f7ee306

beneficiary set to 0xca6618e67f8220A68F1C3B560FCC938F7EE306
Tampered transactions: 0xc0c7d7467830c0786155f398b2cf8a1ae030a2236d14a65ca3d54d880549a7ed, set 4.01 GWEI, and the initiator was tampered with
0xcF09C0bC381E679f0f7f37A46C0AD10758960b4C,
Beneficiary set to 0xa169F84e31d4745E83428b412E97621455488D6e;

Is there any solution to avoid being tampered with?

In just a few days, it made a profit of 0.25 BNB
0xa169f84e31d4745e83412e97621488d6e

Bundlers are recommended to be part of the block builder or be using a Flashbots-like API so that they are protected against this form of front running.
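A bundler operator can confirm that a failed bundle was lost to this pattern by comparing its own `handleOps` calldata with the transaction that landed instead. The following is an added example, not code from this issue or from the project: the names `Tx`, `split_handle_ops`, `is_copied_bundle` and `build_calldata` are hypothetical, the selector and the encoded ops are constructed placeholders, and the addresses and gas prices are the ones quoted in the issue. It assumes the call shape `handleOps(ops, beneficiary)`, so the beneficiary is the second 32-byte word after the selector.

```python
from dataclasses import dataclass

WORD = 32  # ABI word size in bytes

@dataclass
class Tx:
    sender: str         # tx.from
    gas_price_wei: int
    calldata: bytes     # input of a handleOps(ops, beneficiary) call

def split_handle_ops(calldata: bytes):
    """Split handleOps calldata into (beneficiary, everything else).

    ABI head after the 4-byte selector: word 0 = offset of the dynamic
    ops array, word 1 = beneficiary address, left-padded to 32 bytes.
    """
    if len(calldata) < 4 + 2 * WORD:
        raise ValueError("too short for handleOps(ops, beneficiary)")
    word = calldata[4 + WORD:4 + 2 * WORD]
    if any(word[:12]):
        raise ValueError("beneficiary word is not a padded address")
    rest = calldata[:4 + WORD] + calldata[4 + 2 * WORD:]
    return "0x" + word[12:].hex(), rest

def is_copied_bundle(ours: Tx, other: Tx) -> bool:
    """True if `other` carries our exact ops but pays someone else and outbids us."""
    our_ben, our_rest = split_handle_ops(ours.calldata)
    their_ben, their_rest = split_handle_ops(other.calldata)
    return (our_rest == their_rest
            and their_ben != our_ben
            and other.sender.lower() != ours.sender.lower()
            and other.gas_price_wei > ours.gas_price_wei)

def build_calldata(beneficiary: str, ops_tail: bytes) -> bytes:
    """Constructed test input: placeholder selector + head + opaque ops encoding."""
    selector = bytes(4)                        # placeholder, not the real selector
    offset = (2 * WORD).to_bytes(WORD, "big")  # ops data starts after the 2-word head
    addr = bytes.fromhex(beneficiary[2:]).rjust(WORD, b"\0")
    return selector + offset + addr + ops_tail

OPS = bytes(range(64))  # constructed stand-in for the encoded UserOperation[]
BUNDLER = "0xca6618e67f8220a68f1c3b5f560fcc938f7ee306"
OURS = Tx(BUNDLER, 4_000_000_000, build_calldata(BUNDLER, OPS))
COPY = Tx("0xcF09C0bC381E679f0f7f37A46C0AD10758960b4C", 4_010_000_000,
          build_calldata("0xa169F84e31d4745E83428b412E97621455488D6e", OPS))
```

Run over the transaction that replaced a failed bundle, a positive result separates a copied bundle from an ordinary nonce or gas-estimation failure.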