Famous MEV bot Jaredfromsubway.eth hit by reverse attack, losing over $7.5 million

Odaily Planet Daily News Jaredfromsubway.eth, a well-known MEV bot long active on the Ethereum network, was exploited by hackers using an automated execution system vulnerability, resulting in losses exceeding $7.5 million.

Security firm Blockaid stated that this incident was not a traditional phishing attack or smart contract vulnerability, but rather an "anti-MEV honeypot attack" specifically targeting the decision-making logic of MEV bots. Over several weeks, the attacker deployed 66 fake token contracts and fraudulent liquidity pools, masquerading as assets like WETH, USDC, and USDT, to lure the bot into executing seemingly profitable trades and authorizing auxiliary contracts controlled by the attacker.

Ultimately, the attacker invoked all backdoor permissions in a single transaction, transferring assets including ETH, USDC, and USDT held by the bot's address. Data shows that from November 2024 to October 2025, the Ethereum network experienced approximately 60,000 to 90,000 sandwich attacks per month, with around 70% being related to Jaredfromsubway.eth. (Cointelegraph)