Notorious Ethereum MEV Bot Jaredfromsubway.eth Loses More Than $7.5 Million in Reverse Attack

Jaredfromsubway.eth, a notorious Ethereum bot known for sandwich attacks, has lost more than $7.5 million after falling for an attacker’s trap. The automated bot, which profits by placing trades before and after decentralized finance users’ transactions, was lured by a fake trade setup engineered to exploit it.

Cointelegraph reported on June 21 that security firm Blockaid said on June 20 the bot was tricked into granting token-spending approval to a contract controlled by the attacker. That approval was then used to siphon off funds.

Blockaid said the incident was neither a typical phishing attack nor a conventional smart-contract vulnerability in the victim’s contract.

Jaredfromsubway.eth is widely regarded as one of the most successful MEV bots on Ethereum. MEV refers to strategies that monitor pending blockchain transactions and rearrange their order to make a profit. A sandwich attack is a common MEV tactic in which a bot buys just before a user’s trade and sells immediately afterward to capture the price spread.

Cointelegraph Research estimates traders lose about $60 million a year to sandwich attacks on Ethereum. From November last year through October this year, the blockchain recorded 60,000 to 90,000 sandwich attacks a month. About 70% of them were tied to Jaredfromsubway.eth.

The latest exploit targeted the bot’s automated decision-making logic. Raz Niv, Blockaid’s chief technology officer, told Cointelegraph the incident was a reverse-MEV honeypot attack aimed at the automated logic used by MEV bots.

Over several weeks, the attacker deployed 66 fake token contracts with names and interfaces resembling Wrapped Ether, USDC and Tether. The attacker then created fake liquidity pools designed to look profitable to the MEV bot.

Jaredfromsubway.eth detected the setup and, in the course of chasing what appeared to be a routine profit opportunity, granted the attacker-controlled contract permission to use real funds. Niv said the bot had ironically handed over the keys to a vault worth millions of dollars.

The attacker then used a single transaction to call all 66 backdoors and drain the address of its ETH, USDC and USDT. The losses totaled more than $7.5 million.

The incident underscored that automated MEV strategies can themselves become targets. It also highlighted that when bots chasing profit are exposed to fake liquidity and spoofed tokens, even sophisticated MEV systems can suffer steep losses.

Crypto investor David Gokhshtein said no one should celebrate the incident. Still, he added that anyone who had previously been hit by a sandwich attack from the bot was unlikely to be angry about the news.