MEV giant Jaredfromsubway.eth lost over $7.5 million in a sophisticated attack.

One of the largest and most well-known MEV bots on the Ethereum network — Jaredfromsubway.eth — has suffered catastrophic losses. As a result of a targeted hacker attack, attackers managed to withdraw assets worth over $7.5 million. This incident has dealt a serious blow to the reputation of automated Maximum Extractable Value (MEV) strategies.
Analysis conducted by security experts shows that the attack was not a simple smart contract hack or classic phishing. Instead, the attacker employed a multi-stage and highly ingenious scheme. They deployed dozens of fake token contracts disguised as popular stablecoins WETH, USDC, and USDT. These counterfeit contracts were linked to fake liquidity pools that mimicked profitable trading opportunities.
How the Attack Was Executed
The automated system of Jaredfromsubway.eth, programmed to detect and exploit arbitrage opportunities (specifically sandwich attacks), fell for this bait. The bot, believing it was seeing real trades, granted the attacker's auxiliary contracts permission to spend its real assets. Once the permissions were obtained, the attacker activated all the "backdoors" in a single transaction and instantly withdrew the funds. Part of the stolen coins has already been sent to the Tornado Cash mixer to conceal traces, as confirmed by on-chain analytics data.
This case highlights the growing complexity of attacks in the DeFi world. Even the most experienced and technically equipped bots, which themselves profit from market manipulation, can fall victim to even more cunning schemes.
It is worth noting that Jaredfromsubway.eth has long dominated the field of sandwich attacks on Ethereum. According to my data, annual trader losses from such manipulations amount to about $60 million, and up to 70% of all these operations on the network were attributed to this bot. In June 2024, it even became the largest single consumer of gas on the network, indicating its enormous scale.
Analyst's opinion: This incident is not just a loss of funds for one bot. It is an alarm signal for the entire MEV ecosystem. If automated systems created to exploit market inefficiencies are themselves vulnerable to such sophisticated attacks, it calls into question the reliability of many strategies and requires a review of security protocols for all market participants, not just retail traders.