Crypto news

21.06.2026
12:54

The fall of a giant: MEV bot Jaredfromsubway.eth lost $7.5 million in a sophisticated attack

MEV-bot attack

One of the most famous and aggressive MEV bots on the Ethereum network, known under the pseudonym Jaredfromsubway.eth, has suffered catastrophic losses. As a result of a sophisticated hacker attack, the attacker managed to withdraw assets worth over $7.5 million.

How was the attack carried out?

This was not a standard smart contract hack or a classic phishing attack. The attacker employed a much more sophisticated tactic. They deployed dozens of fake token contracts disguised as popular liquid assets — WETH, USDC, and USDT. These counterfeit tokens were linked to fake liquidity pools that appeared to be attractive and profitable trades.

MEV bots, which seek arbitrage and sandwich attack opportunities, are precisely aimed at such "profitable" opportunities. Jaredfromsubway.eth's automated system, recognizing a "lucrative" trade, granted the attacker's auxiliary contracts permissions to spend real assets. Once the permissions were obtained, the hacker activated all the embedded backdoors in a single transaction and instantly withdrew the funds. Part of the stolen coins has already been sent to the crypto mixer Tornado Cash to cover tracks.

Context and impact

Jaredfromsubway.eth has long dominated the MEV space on Ethereum, particularly in the sandwich attack segment. According to my data, from November 2024 to October 2025, between 60,000 and 90,000 such operations were recorded monthly on the network, with about 70% of them attributed to this bot. Annual trader losses from sandwich attacks are estimated at approximately $60 million.

Notably, as early as June 2024, this bot was the largest gas consumer on the Ethereum network, highlighting its scale and aggressiveness.

My analysis: This incident is a stark example of how even the most complex and profitable automated systems can be deceived. The attack was not a technical hack of the code but an exploitation of the very logic of the MEV bot's operation — its "greed" for profit. This is a serious signal for the entire MEV strategy developer community: deeper verification of contracts and liquidity pools must be implemented, rather than relying solely on superficial indicators of profitability. The loss of $7.5 million is a painful but instructive lesson.