Jaredfromsubway.eth lost over $7.5 million after attackers turned its MEV logic against it. The sandwich bot, known for front-running and back-running users, was drained after approving attacker-controlled contracts during a fake setup.
Blockaid reported, “Blockaid Exploit Detection system detected an exploit involving the MEV bot on Ethereum. The incident resulted from attacker-controlled contracts tricking an automated MEV execution system into granting token approvals, later used to drain funds.”
Fake pools targeted automated approvals
The exploit was not typical phishing and did not necessarily come from a smart contract weakness. Attackers shaped the trap around the bot’s execution logic, making fake opportunities appear profitable enough to trigger approvals.
Blockaid said attackers created a fabricated ecosystem of 66 fake tokens and pools. These included versions of Wrapped ETH, USDC, and USDt, paired with CAP tokens. The setup imitated MEV signals that Jaredfromsubway.eth was built to detect, leading the bot to authorize attacker-controlled contracts.
Blockaid chief technology officer Raz Niv said, “Ironically, in the process, it provided the attacker the keys to millions in the bot’s treasury.” Etherscan data showed losses of $7.5 million. Blockchain records suggested some funds were sent to Tornado Cash.
Sandwich bot record draws scrutiny
Jaredfromsubway.eth had become one of Ethereum’s most visible sandwich bots. Earlier research found that Ethereum traders lose about $60 million each year to sandwich attacks. From November 2024 to October 2025, Ethereum telemetry recorded 60,000 to 90,000 sandwich attacks monthly, with Jaredfromsubway.eth responsible for about 70%.
Crypto investor and commentator David Gokhshtein said, “We shouldn’t be happy about this; no one should celebrate … but if this has sandwiched … I’m pretty sure you’re not upset about this news.”
In May, the bot targeted Ethereum co-founder Vitalik Buterin’s transaction involving 26,544 DigitalBits. The loss was small, but it showed how MEV systems pursue minor opportunities. Etherscan records show the transaction was sandwiched between block 24993038 and 24993039.
MEV debate returns to the Ethereum roadmap
Before Buterin’s swap was executed, the bot routed about $1.14 million in WETH through SushiSwap and Uniswap V2 to move XDB pricing across pools. EigenPhi warned that slippage lets Jared push prices higher, forcing traders to pay more while the bot captures the spread.
EigenPhi wrote, “Jared 2.0 would use adding liquidity transactions as the front piece and/or the centerpiece and removing liquidity transactions as the back piece. The combination can be various, putting several transactions in between, becoming sandwich attack victims.”
By May, MEV extraction on Ethereum had exceeded $1.2 billion, with sandwich attacks accounting for about 51% of total volume. Buterin has advocated for encrypted mempools as Ethereum developers consider ways to reduce harmful MEV practices.
