- jaredfromsubway.eth, Ethereum’s most active sandwich bot, lost roughly US$7.5 million in WETH, USDC and USDT in a single sweep transaction.
- Security firm Blockaid attributed the loss to a counter-MEV honeypot of 66 fake token contracts that tricked the bot into granting token approvals.
- The bot has been tied to about 70% of Ethereum sandwich attacks, a practice estimated to cost traders around US$60 million a year.
jaredfromsubway.eth, Ethereum’s most prolific sandwich-trading bot, was drained of roughly US$7.5 million (AU$10.7 million) over the weekend after an attacker manipulated its automated trading logic into approving a network of malicious contracts, in a rare case of a predatory MEV bot becoming the victim.
The funds, held in WETH, USDC and USDT, were swept in a single transaction on Saturday. Security firm Blockaid attributed the loss not to phishing, a private-key compromise or a protocol bug, but to the bot’s own trust logic being turned against it.
Related: Moody’s Brings Credit Ratings On-Chain With Solana Expansion
How the Honeypot Worked
Over several weeks, the attacker deployed 66 counterfeit token contracts mimicking Wrapped ETH, USDC and USDT, each paired with fake liquidity pools engineered to look like profitable trades. Those signals tricked the bot’s automated execution system into granting token approvals to helper contracts it would normally trust.
The attacker first tested routes where the approvals were immediately consumed, then refined the method to leave allowances open and unrevoked, creating a standing vulnerability.
With spending rights secured across all 66 backdoors, the attacker called them in one transaction to drain the bot. Because the approvals were granted by the bot itself, the transfers required no stolen keys and no flaw in any underlying protocol.
Raz Niv, chief technology officer at Blockaid, characterised the incident as a “counter-MEV honeypot attack” that targeted the bot’s automated decision logic. The bot’s operator claimed losses closer to US$15 million (AU$21.5 million), a figure that has not been independently confirmed.
jaredfromsubway.eth has long drawn scrutiny for sandwich attacks, in which a bot front-runs and back-runs a pending trade to skim value from ordinary users. On-chain research has tied it to roughly 70% of sandwich attacks between November 2024 and October 2025, part of a practice estimated to cost Ethereum traders around US$60 million (AU$85.8 million) a year.
The bot has ranked among the network’s heaviest gas spenders for years, a footprint that made it one of the most closely tracked addresses on Ethereum.
Related: Tokenised Assets Surge Past $43 Billion as Traditional Finance Moves On-Chain
Be the first to comment