Legendary MEV bot Jaredfromsubway.eth lost $7.5 million in a sophisticated attack.

One of the most famous MEV bots on the Ethereum network — Jaredfromsubway.eth — has suffered catastrophic losses. As a result of a targeted attack, attackers withdrew assets worth over $7.5 million. This event has dealt a serious blow to the reputation of automated maximum extractable value (MEV) strategies and has once again raised questions about the security of such systems.
According to an analysis conducted by security experts, the attack was not a classic phishing attempt or an exploitation of a standard vulnerability in the victim's smart contract. The attacker deployed dozens of fake token contracts disguised as popular assets — WETH, USDC, and USDT. These contracts were linked to fictitious liquidity pools that mimicked profitable trading opportunities.
MEV bots, including Jaredfromsubway.eth, are programmed to search for such "profitable" trades to execute sandwich attacks. However, in this case, the trap worked in reverse: the bot's automated execution system was deceived and granted permissions to spend real assets to contracts controlled by the attacker. With a single transaction, the hacker activated all the embedded backdoors and withdrew the funds. Part of the stolen coins has already been sent to the Tornado Cash mixer, making them difficult to trace.
Scale of the Threat to the MEV Sector
It is worth noting that trader losses from sandwich attacks on Ethereum are estimated at approximately $60 million annually. Between November 2024 and October 2025, the network recorded between 60,000 and 90,000 such operations per month. Notably, about 70% of them were linked to Jaredfromsubway.eth. This bot was so active that in June 2024, it became the largest consumer of gas on the Ethereum network at a certain point.
My comment: This incident is a vivid example of how complex automation can be turned against its creator. MEV bots, which profit from others' inefficiencies, themselves become targets for even more sophisticated attacks. The market is entering a phase where algorithm security and smart contract auditing are becoming not just an option, but a critical condition for survival for any DeFi participant.