Skip to main content
Esc

Type to search

Articles / perp-dex / Jaredfromsubway.eth, Ethereum's Most Active Sandwich Bot, Drained for $7.5M Over the Weekend

Jaredfromsubway.eth, Ethereum's Most Active Sandwich Bot, Drained for $7.5M Over the Weekend

Jun 23, 2026 · Source: thedefiant.io · Topic:  perp-dex · crypto-defi-blockchain
Total Loss
$7.5M
The total amount drained from the jaredfromsubway.eth address in the exploit.
Sandwich Attack Percentage
70%
The percentage of all sandwich attacks on Ethereum attributed to the jaredfromsubway.eth bot between November 2024 and October 2025.
Monthly Sandwich Attacks
60,000 - 90,000
The estimated number of sandwich attacks occurring on Ethereum each month.

§ 01 Executive Snapshot

  • What: Jaredfromsubway.eth, a prominent Ethereum sandwich bot, was drained of over $7.5 million in a sophisticated exploit.
  • Who: The attacker remains unidentified; Jaredfromsubway.eth is run by an anonymous operator.
  • Why it matters: This incident represents the largest single loss tied to an MEV operator and highlights vulnerabilities in automated trading strategies.

§ 02 Key Developments

  • An attacker executed a sweep transaction that drained over $7.5 million worth of WETH, USDC, and USDT from the jaredfromsubway.eth address.
  • The exploit was characterized as a counter-MEV honeypot, distinct from phishing or smart-contract bugs, involving 66 fake token contracts.
  • The bot was responsible for approximately 70% of all sandwich attacks on Ethereum between November 2024 and October 2025, with estimates of 60,000 to 90,000 attacks per month.

§ 03 Strategic Context

  • The incident underscores the risks associated with MEV (Miner Extractable Value) strategies, particularly for operators who aggressively seek transaction-ordering rights.
  • The exploit demonstrates how vulnerabilities can be exploited in automated trading systems, reflecting broader concerns about the security of decentralized finance protocols.

§ 04 Strategic Implications

  • Immediate consequences may include increased scrutiny of MEV strategies and potential shifts in how sandwich operators manage risks associated with their trading logic.
  • Long-term implications could lead to enhanced security measures among MEV operators, as the incident illustrates the potential for significant financial loss due to sophisticated attacks.

§ 05 Risks & Constraints

  • A potential risk includes the regulatory scrutiny of MEV practices, especially as incidents like this gain public attention and raise concerns about market fairness.
  • Competition among sandwich operators may intensify, as those not affected by this incident may exploit the situation to capture more market share.

§ 06 Watchlist / Forward Signals

  • Future developments to monitor include any changes in MEV-Boost relay policies or responses from other sandwich operators in the wake of this incident.
  • The ongoing investigation into the stolen funds and their routing through Tornado Cash may reveal further insights into the exploit mechanisms and potential recovery efforts.
§ 07

Frequently Asked Questions

What happened to Jaredfromsubway.eth?

Jaredfromsubway.eth was drained of over $7.5 million in a sophisticated exploit.

Who is responsible for the attack on Jaredfromsubway.eth?

The attacker remains unidentified, and Jaredfromsubway.eth is run by an anonymous operator.

Why is this incident significant?

This incident represents the largest single loss tied to an MEV operator and highlights vulnerabilities in automated trading strategies.

How did the attacker exploit Jaredfromsubway.eth?

The exploit involved a sweep transaction that utilized 66 fake token contracts, characterized as a counter-MEV honeypot.

§ 08

Related Articles