Key Points
- Over $7.5 million was extracted from MEV bot Jaredfromsubway.eth in a weekend attack
- The perpetrator created 66 fraudulent token contracts across multiple weeks to deceive the bot
- The automated system was baited into granting spending permissions to malicious smart contracts
- Blockaid, a blockchain security company, described it as a “counter-MEV honeypot attack”
- Portions of the pilfered cryptocurrency have been transferred to Tornado Cash
A prominent cryptocurrency automation system has fallen prey to its own strategies. The MEV bot known as Jaredfromsubway.eth, which accumulated substantial profits by front-running regular traders, lost over $7.5 million in a Saturday breach.
Blockaid, a prominent blockchain security organization, verified the incident.
The Mechanics Behind the Exploit
The perpetrator executed a meticulously planned operation spanning multiple weeks. They created 66 counterfeit token contracts mimicking legitimate assets like Wrapped ETH, USDC, and USDT. These fraudulent tokens were matched with deceptive liquidity pools engineered to appear as lucrative trading opportunities.
The automated system performed precisely as programmed. It identified what appeared to be a profitable arbitrage opportunity and granted authorization to specific contracts for fund expenditure.
This authorization proved catastrophic. Through a coordinated single transaction, all 66 malicious backdoors activated simultaneously, draining the bot’s entire portfolio of ETH, USDC, and USDT holdings.
“In a twist of irony, the bot essentially handed over the keys to millions sitting in its treasury,” explained Raz Niv, Chief Technology Officer at Blockaid.
Blockaid emphasized the unconventional nature of this exploit. “This doesn’t fit the pattern of typical phishing schemes or conventional smart-contract exploits,” the company stated. The attack specifically exploited the automated decision algorithms that power MEV operations.
Understanding Jaredfromsubway.eth
MEV bots scan pending blockchain transactions and manipulate their execution sequence to generate profits. This practice is frequently described as an “invisible fee” imposed on regular network participants.
Sandwich attacks represent a prevalent technique. These bots detect pending trades, insert their own transactions before and after the target transaction, and capitalize on the resulting price fluctuations.
From November 2024 through October 2025, Jaredfromsubway.eth executed approximately 70% of all sandwich attacks across the Ethereum network. According to Cointelegraph Research, sandwich attacks inflict roughly $60 million in annual losses on traders, with monthly attack volumes ranging between 60,000 and 90,000 during high-activity periods.
Last May, Ethereum creator Vitalik Buterin experienced a sandwich attack from this identical bot during a modest DigitalBits token swap. While the monetary impact was negligible, the incident demonstrated that no transaction value is beneath the bot’s threshold.
Onchain transaction records indicate that some stolen assets have been routed through Tornado Cash, a cryptocurrency tumbling platform.
The cryptocurrency community’s response has been polarized. Investor David Gokhshtein commented: “We shouldn’t be happy about this; no one should celebrate… but if you’ve ever been sandwiched by this… I’m pretty sure you’re not upset about this news.”
This incident represents one of the most substantial individual losses documented for an MEV bot operation.
