Ethereum's Most Notorious Bot Just Got Robbed Itself

Bot Turned Against Itself

Jaredfromsubway.eth, one of crypto's most prolific MEV bots, lost more than $7.5 million on Saturday after an attacker turned its own automated systems against it. The exploit did not rely on a smart contract bug or a phishing attack. An attacker drained roughly $7.5 million from the bot after tricking it into approving token spending it never should have granted. Security firm Blockaid, which flagged the incident, confirmed the bot was not hit by a smart-contract bug, a phishing attack, or a private-key leak.

The attacker spent weeks deploying 66 counterfeit token contracts that imitated Wrapped Ether (WETH), USD Coin (USDC), and Tether (USDT). The setup was built around fake wrapper tokens and liquidity pools. The attacker created routes involving fake versions of WETH, USDC and USDT paired with fake tokens in trades that appeared profitable to the bot's automated execution system. Once the bot granted approvals, the attacker left those approvals open instead of consuming them inside the expected trade path.

Those open approvals were then used to transfer WETH, USDC and USDT out of Jaredfromsubway.eth's contracts, draining more than $7.5 million. At least 1,000 ETH subsequently entered Tornado Cash, suggesting the attacker shifted focus from extraction to concealment. Notably, the JaredFromSubway account later claimed the loss was actually $15 million and offered a $1 million bounty for the full return of the funds.

A Hunter Becomes the Hunted

The irony of the incident is hard to miss. Sandwich bots monitor pending transactions and insert trades before and after users to capture price movement, often leaving retail traders with worse execution. Prior Cointelegraph Research found sandwich attacks cost Ethereum traders about $60 million annually, with Jaredfromsubway.eth tied to roughly 70% of attacks between November 2024 and October 2025.

In May, the bot reportedly targeted a small swap by Ethereum co-founder Vitalik Buterin, renewing debate over toxic MEV and the need for better user protection. Now the tables have turned. Blockaid clarified that the incident exploited the bot's automated MEV opportunity detection and approval mechanism, a category of risk that has received far less attention than code audits.

It also remains unknown whether the attacker targeted Jaredfromsubway.eth specifically or simply set a trap that caught any bot scanning the mempool. If the method can be generalized, it could become a repeatable exploit against a whole class of MEV bots on Ethereum and even on layer-2 networks where similar bot architectures exist.

Sources:
CoinDesk: Ethereum's biggest sandwich bot drained of $7.5 million in ironic exploit
BeInCrypto: Ethereum's Most Notorious MEV Bot Loses $7.5 Million in On-Chain Honeypot Trap
Crypto.news: JaredFromSubway MEV bot gets drained in $7.5m approval trap