trade crypt

MEV sandwich attack drains Jaredfromsubway.eth of $7.5M

HomeTechnologyMEV sandwich attack drains Jaredfromsubway.eth of $7.5M

-

A MEV sandwich attack on the bot Jaredfromsubway.eth drained more than $7.5 million. The incident underscores risks tied to systems that approve transactions at machine speed, and it occurred between November 2024 and October 2025, a period when sandwich attacks cost Ethereum traders about $60 million a year and happened at a rate of roughly 60,000 to 90,000 attacks per month.

The attacker targeted the bot’s decision-making system rather than using a phishing attack or exploiting a simple contract bug. The setup included dozens of fake token contracts and fake liquidity pools that were structured to appear profitable to the bot. The fake assets used in the setup included wrapped ether (WETH) and dollar-pegged USDC and USDT.

The bot generated approvals for attacker-controlled helper contracts to spend tokens on its behalf, and those approvals were later used by the attacker. The attacker used transaction routes where approvals stayed open, creating standing permission to pull funds from the bot’s contracts. The attacker transferred WETH, USDC and USDT out of Jaredfromsubway.eth’s contracts into attacker-controlled destinations. Some of the stolen funds were routed through Tornado Cash.

Blockaid described the incident as not a normal phishing attack and not a simple bug in the victim contract. The account-level approvals and the use of fake token contracts and liquidity pools were central elements reported in the attack description.

Roughly 70% of monthly Ethereum sandwich attacks were associated with jaredfromsubway.eth, reflecting a concentrated share of activity within that class of predatory trades. That proportion identifies the bot as a frequent participant in sandwich activity and indicates its operations were a recurring presence amid monthly attack volumes. The figure points to a pattern of repeated engagement rather than isolated episodes, based on the reporting compiled about the bot’s activity. This concentration made the account a notable factor in the landscape of sandwich attacks.

In May, the bot sandwiched a small swap by Vitalik Buterin in a transaction where the bot spent about $1.14 million to frontrun a trade that was worth only a few dollars, ultimately netting about $4 after fees. The transaction was described as a notable test and as illustrating how the bot operated at scale by executing high-cost frontruns against very small target trades. The costliness of the frontrun relative to the target trade value underscores the bot’s operating pattern of executing large-volume or high-frequency actions.

Taken together, the 70% association and the May swap involving a very small trade illustrate the bot’s large-scale operation within sandwich activity. These points emphasize the bot’s outsized presence in that specific form of trading activity.

The attacker transferred WETH, USDC and USDT out of Jaredfromsubway.eth’s contracts. The bot had generated approvals for attacker-controlled helper contracts to spend tokens, and those approvals were later used to move funds. The attacker used transaction routes where approvals stayed open, creating standing permission that allowed repeated withdrawals. Those open approvals enabled attacker-controlled helper contracts to pull tokens multiple times from the affected contracts.

Some of the stolen funds were sent to Tornado Cash. Transfers out of the bot’s contracts included WETH, USDC and USDT that were extracted following use of the open approvals. Reporting noted the combination of token transfers and routing through Tornado Cash.

Those post-attack movements were recorded in subsequent transaction traces. The presence of standing approvals remained a central observation in reports.

The MEV sandwich attack on Jaredfromsubway.eth highlighted vulnerabilities in automated trading systems that approve transactions at machine speed and act on pattern-recognition signals. The incident emphasizes the risks inherent in deploying rapid, algorithmic approval and execution mechanisms within decentralized finance when those systems operate on pattern recognition and profit signals, as demonstrated in reporting.

This website and its articles do not provide any investment advisory services within the meaning of applicable regulations. The information published may be incomplete, outdated, or contain errors. The author makes no representation or warranty regarding the accuracy, completeness, or timeliness of the information presented. Use of this information is entirely at the reader’s own risk. Under no circumstances shall the author be held liable for financial decisions made on the basis of the content published on this website.
Crypto Fan
Crypto Fanhttps://calipsu.com
Calipsu.com is dedicated to providing clear, reliable, and accessible information about cryptocurrencies, blockchain technology, and decentralized finance (DeFi). Its mission is to help readers better understand a rapidly evolving ecosystem that is often complex, technical, and misunderstood. The platform covers a wide range of topics, from major blockchain networks and crypto assets to DeFi protocols, Web3 applications, and emerging trends. The website also publishes practical guides and tutorials that explain how decentralized tools function, such as wallets, staking mechanisms, lending protocols, and liquidity pools. These guides aim to describe processes and risks clearly, helping readers understand the mechanics behind DeFi rather than encouraging participation.

LATEST POSTS

Japan’s collapsing yen pushing companies into bitcoin and XRP.

Japan's collapsing yen pushing companies into bitcoin and XRP is reshaping corporate strategy in Japan as yen weakness boosts demand for Bitcoin and XRP.

Anthropic removes hidden Claude Code tracker after privacy concerns?

Anthropic removes hidden Claude Code tracker after privacy concerns, signaling a rollback of an experiment to curb reseller abuse and protect Claude.

What AI export restrictions mean for Chinese AI firms

China weighs AI export restrictions as it meets Alibaba, ByteDance, and Z.ai to discuss overseas use limits on advanced AI models.

Kenya seeks blockchain analytics tool to track crypto crime

Kenya seeks blockchain analytics tool to track crypto crime as regulators empower CMA to monitor digital asset transactions and enforce new rules.

Follow us

116FansLike
745FollowersFollow
148FollowersFollow
trade crypt