Crypto news

21.06.2026
08:56

The largest Ethereum MEV bot lost $7.5 million due to a sophisticated attack involving fake liquidity pools.

MEV2

One of the most famous MEV bots on the Ethereum network — Jaredfromsubway.eth — fell victim to a sophisticated hacker attack, resulting in the loss of assets worth over $7.5 million. The incident was detected by the Blockaid exploit detection system.

How the Attack Was Carried Out

Unlike classic phishing schemes or traditional smart contract vulnerabilities, the attacker employed a multi-layered tactic. They deployed dozens of fake token contracts disguised as popular stablecoins WETH, USDC, and USDT, and linked them to fake liquidity pools. These structures mimicked profitable trades that MEV bots typically respond to in order to execute sandwich attacks.

The bot's automated execution system was deceived: it granted the attacker's auxiliary contracts permission to spend real assets. After that, the attacker activated all backdoors in a single transaction and withdrew the funds. Part of the stolen coins has already been moved through the Tornado Cash mixer, as confirmed by data from the analytics platform Arkham.

Context and Scale of the Threat

Jaredfromsubway.eth has long dominated the sandwich attack segment on Ethereum. By my estimates, traders' annual losses from such operations amount to about $60 million. From November 2024 to October 2025, the network recorded between 60,000 and 90,000 sandwich attacks monthly, with approximately 70% of them linked to this bot. In June 2024, Jaredfromsubway.eth even became the largest gas consumer on the Ethereum network at certain moments.

My comment: This incident is a vivid example of how even the most advanced automated systems can be deceived if the attacker exploits the psychology of algorithms rather than technical vulnerabilities. MEV bots, which have hunted for profits for years, now have to learn to defend themselves against more cunning predators. The market is becoming increasingly complex, and trust in automated strategies must be reinforced by multi-layered security.