More than $7.5 million was wiped from Jaredfromsubway.eth’s holdings after the notorious Ethereum sandwich bot fell victim to an attacker’s scheme. The attackers caught the automated bot through a fake trading setup.
Early analysis suggests that the attrition may have occurred through a sophisticated, specifically designed anti-MEV strategy exploited Automated trading logic of the robot.
Blockchain security company Blockade reported: “The Blockade exploit detection system discovered a vulnerability involving the MEV bot on Ethereum.” The incident was caused by attacker-controlled contracts tricking the automated MEV execution system into granting token approvals, which were later used to drain funds.
The incident represents a rare setback for JaredFromSubway, the sandwich bot that rose to prominence by exploiting decentralized exchange traders through upstream and backend transactions. Blockaid says the attackers created fake tokens and pools
Blockaid says the attackers created fake tokens and pools
In another post, Blockaid male The engineered exploit differed from traditional phishing attacks and was not necessarily the result of a vulnerability in the smart contract itself. The scheme targeted the bot’s trading logic, causing it to interpret fake opportunities as profitable and allow contracts to be under the attackers’ control.
The attackers manufactured an entire ecosystem of 66 counterfeit tokens and pools, including those for Wrapped ETH (WETH), USDC (USDC), and USDt (USDT), and then paired that with CAP tokens. The fakes mimicked MEV indicators that the bot was optimized to detect, triggering automated approval protocols for attacker-controlled contracts.
“Ironically, in the process, he provided the attacker with the keys to millions in the bot’s vault,” said Raz Neff, chief technology officer at Blockaid. Android lost $7.5 million according to Etherscan data.
So far, blockchain data suggests that the attackers have already sent some of the stolen funds to Tornado Cash.
Cryptocurrency investor and commentator David Gochstein speaks out about the exploit He confirmed“We shouldn’t be happy about this; no one should celebrate… But if you’ve been affected by this before… I’m sure you’re not upset by this news.”
Is Jaredfromsubway.eth notorious for making traders lose to sandwich attacks?
Previous analysis through research has shown that Ethereum traders collectively lose around $60 million annually due to sandwich attacks. Ethereum network telemetry recorded an average monthly volume of 60,000 to 90,000 sandwich attacks from November 2024 to October 2025, with Jaredfromsubway.eth executing a dominant 70% share.
In May, Jaredfromsubway.eth targeted a transaction by Vitalik Buterin involving 26,544 digital bits. The amount lost was small, but the event showed that MEV bots are willing to pursue profit opportunities even if they are small. Etherscan logs show that the founder was trapped by a bot in block 24993038.
Before the Buterin swap was made, the bot transferred approximately $1.14 million from WETH via… Sushi Swap and Uniswap V2 to manipulate the price of XDB via liquidity aggregators.
Previously, EigenPhi warned that slippage in cryptocurrency transactions creates an opportunity for Jared to raise prices, making traders pay more and allowing him to profit from the difference.
Tracking site MEV wrote, “Jared 2.0 will use adding liquidity transactions as a front piece and/or as a central piece and removing liquidity transactions as a back piece. The combination can be different, as many transactions are placed in between, and they become victims of a sandwich attack.”
As of May, MEV mining on Ethereum has risen to over $1.2 billion, with sandwich attacks accounting for about 51% of the total volume. Buterin has been advocating for cryptocurrency diary pools over the past few months as part of efforts to address harmful MEV practices in Ethereum’s future roadmap.
Don’t just read cryptocurrency news. Understand that. Subscribe to our newsletter. It’s free.
