Crypto news

21.06.2026
10:12

The largest Ethereum MEV bot lost over $7.5 million in a sophisticated attack.

MEV2

One of the most famous and active MEV bots on the Ethereum network, Jaredfromsubway.eth, suffered a hacker attack, resulting in the loss of assets worth over $7.5 million. The incident was detected by the Blockaid exploit detection system, which promptly alerted the community to the large-scale fund leak.

How the Attack Was Carried Out

Unlike classic phishing schemes or traditional smart contract vulnerabilities, the attacker employed a more complex and multi-step approach. According to Blockaid's analysis, the attacker deployed dozens of fake token contracts disguised as popular stablecoins WETH, USDC, and USDT. These fake assets were linked to counterfeit liquidity pools that visually mimicked profitable trading opportunities.

MEV bots like Jaredfromsubway.eth typically respond to such setups to execute sandwich attacks—price manipulation on transactions. In this case, the bot was deceived: the automated trade execution system issued approvals for spending real assets to auxiliary contracts controlled by the attacker. After receiving the approvals, the attacker activated all backdoors in a single transaction and instantly withdrew the funds.

Consequences and Scale

Part of the stolen coins has already been transferred to the Tornado Cash mixer, complicating fund tracking. This incident highlights the vulnerability of even the most advanced algorithmic systems to targeted manipulations. According to expert estimates, annual trader losses on Ethereum from sandwich attacks amount to approximately $60 million, with about 70% of all such operations on the network (60,000–90,000 per month) between November 2024 and October 2025 being linked specifically to Jaredfromsubway.eth.

Notably, in June 2024, this same MEV bot briefly became the largest gas consumer on the Ethereum network, demonstrating its dominance in this segment.

Expert Commentary: This case is not just a loss of funds but a serious signal for the entire MEV sector. The attack showed that even the most profitable and technically sophisticated bots can be deceived through the simulation of market conditions. This raises the question of the need to implement deeper verification of token and liquidity pool authenticity at the bot level, not just at the user wallet level. The MEV market is becoming an increasingly dangerous field for players who rely solely on speed rather than multi-factor verification.