Crypto news

22.06.2026
03:15

MEV giant Jaredfromsubway.eth lost $7.5 million in a sophisticated attack

MEV bot attack

The well-known MEV bot Jaredfromsubway.eth, which long dominated the field of sandwich attacks on Ethereum, has suffered catastrophic losses. As a result of a targeted hacker attack, attackers managed to withdraw assets worth over $7.5 million.

How the attack was carried out

Analysis of the incident by security experts shows that this was not a classic phishing attack or a vulnerability in the victim's own smart contract. Instead, the attacker used a high-level tactic to deceive the bot's automated execution system.

The attacker deployed dozens of fake token contracts disguised as popular assets such as WETH, USDC, and USDT. These contracts were linked to fake liquidity pools that mimicked highly profitable trading opportunities. It is precisely such "profitable" trades that MEV bots typically react to, attempting to execute a sandwich attack.

The scheme worked flawlessly: Jaredfromsubway.eth, seeing false signals, granted the attacker's auxiliary contracts permission to spend real assets. Then, in a single transaction, the attacker activated all the embedded backdoors and withdrew the funds. Part of the stolen coins has already been sent to the Tornado Cash mixer, as confirmed by blockchain analytics data.

Context and consequences

This incident is not just an isolated case. It highlights the vulnerability of even the most advanced and profitable MEV strategies in the face of targeted attacks. In my estimation, Jaredfromsubway.eth, being one of the largest players in this market, had accumulated a significant asset base, making it an attractive target. The $7.5 million loss will likely significantly impact its operations and may change the MEV landscape on Ethereum.

For reference: analysts estimate that annual trader losses from sandwich attacks on the Ethereum network amount to about $60 million. From November 2024 to October 2025, between 60,000 and 90,000 such operations were recorded monthly, with about 70% of them linked specifically to Jaredfromsubway.eth. Notably, in June 2024, this bot even became the largest gas consumer on the network, highlighting its scale.

My comment: This attack is a vivid example of how the "hunter" becomes the "prey." MEV bots built on automatic responses to transactions are an ideal target for those who understand their logic. The Jaredfromsubway.eth incident should serve as a serious warning to all operators of such systems: security and multi-level verification of "profitable" opportunities are not a luxury but a necessity. The market is becoming too complex for blind trust in external signals.