The largest Ethereum MEV bot lost $7.5 million due to a sophisticated attack involving fake liquidity pools.

One of the most famous MEV bots on the Ethereum network, Jaredfromsubway.eth, has fallen victim to a sophisticated hacker attack. Losses amounted to over $7.5 million. The incident was detected by the Blockaid exploit detection system and immediately drew the attention of the entire crypto community.
According to data from the analytical platform Arkham, part of the stolen funds has already been transferred to Tornado Cash. This indicates that the attacker is trying to cover their tracks and complicate asset tracking.
How was the attack carried out?
Blockaid experts emphasize that this is not a classic phishing attack or a traditional smart contract vulnerability. Instead, the attacker deployed dozens of fake token contracts disguised as popular assets: WETH, USDC, and USDT. These contracts were linked to fake liquidity pools. Visually, such structures appeared as profitable trades, which MEV bots typically respond to in order to execute sandwich attacks.
The bot's automated execution system was deceived and granted the attacker's auxiliary contracts permission to spend real assets. The attacker then triggered all backdoors in a single transaction and withdrew the funds.
Context and scale of the threat
Jaredfromsubway.eth is not just a bot but a true "whale" among MEV operators. According to estimates, annual trader losses on Ethereum from sandwich attacks amount to approximately $60 million. Meanwhile, from November 2024 to October 2025, the network recorded between 60,000 and 90,000 such operations per month, with about 70% of them linked specifically to Jaredfromsubway.eth.
It is worth recalling that in June 2024, this bot briefly became the largest consumer of gas on Ethereum, highlighting its enormous influence on the network.
Expert opinion: This incident demonstrates a fundamental vulnerability in automated MEV strategies. Even the most sophisticated and profitable bots are not immune to attacks based on social engineering and manipulation of liquidity data. For the community, this is an alarming signal: traditional smart contract protection methods may be useless if the attacker targets not the code, but the bot's decision-making logic. The market urgently needs new security protocols capable of verifying not only code but also the reliability of external data.