Jaredfromsubway.eth was one of the most successful MEV bots in crypto. For years, it ran sandwich attacks on Ethereum, front-running regular traders’ swaps and pocketing the difference. Hundreds of millions in profit. Now someone’s turned the tables — draining $7.5 million from the bot in a single transaction.
The attack was elegant. Over several weeks, the attacker deployed 66 fake token contracts that looked exactly like WETH, USDC, and USDT. Fake names, fake interfaces, fake liquidity pools. To an automated bot scanning for profitable trades, they looked like easy money.
That’s the trap. Jared’s bot approved these attacker-controlled contracts to spend real tokens on its behalf — same as it’s done a thousand times before. Except this time, those approvals were backdoors. The attacker called all 66 of them at once and swept everything: ETH, USDC, USDT, all of it.
Blockaid, the security firm that flagged the exploit, called it a “counter-MEV honeypot.” It wasn’t a phishing scam and it wasn’t a bug in the bot’s code. The attacker just exploited the bot’s own logic — its hunger for profit became the vulnerability. “Ironically, it gave the attacker the keys to millions in its own treasury,” said Blockaid’s Raz Niv.
Some of the stolen money’s already been sent through Tornado Cash. And here’s the uncomfortable part: Jaredfromsubway.eth has been sandwich-attacking regular DeFi users for years, responsible for roughly 70% of the 60,000–90,000 monthly attacks on Ethereum. So the crypto community’s reaction has been… complicated.
Originally reported by Cointelegraph. Rewritten and published by The Coolest Info.
