Known MEV bot Jaredfromsubway.eth suffers reverse attack, losses exceed $7.5 million

Odaily Planet Daily reports that Jaredfromsubway.eth, a well-known MEV bot long active on the Ethereum network, was attacked by hackers exploiting vulnerabilities in its automatic execution system, resulting in losses exceeding $7.5 million.

Security firm Blockaid stated that this incident was not a traditional phishing attack or a smart contract vulnerability, but rather a "reverse MEV honeypot attack" specifically targeting the decision-making logic of the MEV bot. Over several weeks, the attacker deployed 66 fake token contracts and虚假 liquidity pools, disguised as assets like WETH, USDC, and USDT, to lure the bot into executing seemingly profitable trades and authorize auxiliary contracts controlled by the attacker.

Ultimately, in a single transaction, the attacker invoked all backdoor permissions to transfer assets including ETH, USDC, and USDT held by the bot address. Data shows that between November 2024 and October 2025, the Ethereum network experienced approximately 60,000 to 90,000 sandwich attacks per month, of which about 70% were related to Jaredfromsubway.eth. (Cointelegraph)