Security firm Blockaid reported that an attacker drained over $7.5 million from the Ethereum MEV bot jaredfromsubway.eth by exploiting its automated trading logic. The attacker spent weeks setting up fake tokens and liquidity pools mimicking assets like WETH, USDC, and USDT. These fake opportunities tricked the bot into approving malicious helper contracts for token spending. Some approvals were left open, allowing the attacker to pull WETH, USDC, and USDT from the bot's contracts. The stolen funds were partially sent to Tornado Cash. Jaredfromsubway.eth is notorious for sandwich attacks, responsible for roughly 70% of such attacks on Ethereum, costing traders about $60 million annually. This incident highlights the risks of automated systems that approve transactions based on pattern recognition, as the bot itself became a victim of its own mechanized logic.

Key facts

• Attacker drained $7.5M+ from MEV bot jaredfromsubway.eth.
• Fake tokens and liquidity pools tricked bot into approving malicious contracts.
• Open approvals allowed attacker to pull WETH, USDC, and USDT.
• Stolen funds partially routed through Tornado Cash.
• Bot responsible for ~70% of Ethereum sandwich attacks.

KeyAudit data perspective