Crypto news

21.06.2026
09:57

The collapse of a giant: MEV bot Jaredfromsubway.eth lost $7.5 million due to a sophisticated trap

MEV2

One of the most famous and aggressive MEV bots on the Ethereum network, Jaredfromsubway.eth, has suffered catastrophic losses. As a result of a sophisticated hacker attack, attackers managed to withdraw assets worth over $7.5 million. This incident is not just another hack, but a demonstration of a new class of threats for automated trading systems.

How the Attack Was Carried Out: An Unconventional Approach

Security specialists from Blockaid, who recorded the incident, emphasize that this is not a classic phishing attack or the exploitation of a trivial vulnerability in the victim's smart contract. The attacker's methodology was much more subtle. He deployed dozens of fake token contracts, artfully disguised as popular liquid assets: WETH, USDC, and USDT. These fake tokens were linked to fake liquidity pools that visually mimicked real trading pairs.

The key element of the trap was creating the illusion of highly profitable trades. MEV bots, such as Jaredfromsubway.eth, are programmed to seek opportunities for sandwich attacks. The attacker created precisely these "attractive" conditions. The bot's automated system, recognizing potential profit, granted the attacker's auxiliary contracts permission to spend real, actual assets from its wallet. Once the permissions were obtained, the hacker activated all the "backdoors" in a single transaction and instantly withdrew the funds. According to data from the analytical platform Arkham, part of the stolen coins has already been sent to the Tornado Cash mixer to conceal the trail.

Context and Market Implications

The irony of the situation is that Jaredfromsubway.eth itself was long one of the main "predators" in the Ethereum ecosystem. Estimates suggest that annual trader losses from sandwich attacks on the network amount to about $60 million. Between November 2024 and October 2025, between 60,000 and 90,000 such operations were recorded monthly on the network, with approximately 70% of them linked specifically to this bot. In June 2024, it even became the largest single consumer of gas on the Ethereum network, so actively was it operating.

My analysis: This hack is a landmark event. It shows that even the most complex and profitable MEV algorithms are vulnerable to attacks targeting their own decision-making mechanisms. This is not an error in the contract code, but a manipulation of the bot's logic. The incident serves as a harsh warning for all MEV bot operators: your hunt for profit can be used against you. The market is becoming increasingly dangerous, and old methods of dominance no longer guarantee security.