Skip to main content

‘Sandwich attack’ bot Jaredfromsubway.eth linked to $7.5M theft



MEV bot operator Jaredfromsubway.eth has reportedly lost more than $7.5 million after an attacker used a “counter-MEV” strategy to trick the bot into authorizing spending approvals that were later used to drain its funds. The incident, discovered on Saturday, highlights a growing security risk for automated trading systems: even bots built to exploit market opportunities can be turned against themselves.


Blockaid said the compromise stemmed from attacker-controlled contracts manipulating Jaredfromsubway.eth’s automated MEV execution logic into issuing token approvals. Those approvals—part of the bot’s normal workflow—were then leveraged to transfer assets out of the bot’s treasury.



Key takeaways



  • Blockaid attributes the $7.5M+ loss to fake contracts that induced Jaredfromsubway.eth to grant token approvals used for a subsequent sweep.

  • The attack was not framed as classic phishing or a flaw in the victim contract itself, but as a targeted manipulation of the bot’s automated decision-making.

  • Blockaid’s technical description includes 66 counterfeit token contracts paired with fake liquidity pools to appear like profitable trades.

  • The incident underscores that MEV strategies can create predictable authorization paths that attackers may try to repurpose.

  • Earlier Cointelegraph Research linked Jaredfromsubway.eth with a large share of sandwich attacks, showing how high-profile MEV actors can become high-value targets.



A rare turnabout for a prominent MEV bot


MEV bots operate by monitoring unconfirmed transactions and attempting to reorder or manipulate trades to extract profit. In practice, this behavior often translates into an “invisible tax” for some DeFi users, especially during sandwich attacks—where an attacker places trades around a target transaction to capture value from price movement.


Cointelegraph Research previously estimated that sandwich attacks on Ethereum have produced around $60 million in annual losses for traders. That same research reportedly found 60,000 to 90,000 sandwich attacks per month between November 2024 and October 2025, with roughly 70% associated with Jaredfromsubway.eth. Against that backdrop, the Saturday incident is notable precisely because it shows an automated profit-seeking system can be engineered to fail in a way that benefits an adversary.



Blockaid: the exploit used approvals, not a direct “victim contract” bug


Blockaid emphasized that this was not a traditional victim-side vulnerability. In a statement on X, the company said the event was neither a classic phishing attack nor a standard smart-contract exploit of the victim contract.


According to Blockaid, the attacker exploited an aspect of how Jaredfromsubway.eth executes MEV strategies. The goal was to steer the bot’s “trust-minimized” automation—its automated, contract-driven decision logic—toward approvals that the attacker could later use to move funds.


Blockaid chief technology officer Raz Niv described the technique as a counter-MEV honeypot attack. Rather than attacking the bot’s private keys directly, the approach aimed to influence what the bot would do once it encountered transactions and on-chain artifacts that looked like opportunities aligned with its programmed objectives.



The “66 backdoors” narrative: fake tokens and liquidity pools


In a conversation with Cointelegraph, Niv said the attacker deployed fake token contracts over a period of weeks. He stated that there were 66 counterfeit token contracts designed to mimic well-known assets, including Wrapped ETH, USDC, and USDt. These fakes were paired with fake liquidity pools intended to make the ecosystem appear to offer profitable trades.


The counterfeit setup was engineered to resemble the kinds of transactions MEV bots typically chase. By presenting plausible trading conditions, the attacker “lured” Jaredfromsubway.eth into executing its normal logic—specifically, approving certain attacker-controlled helper contracts to spend funds on the bot’s behalf.


“Ironically, in the process, it provided the attacker the keys to millions in the bot’s treasury,” Niv said.


“And then in a single transaction, the attacker called all 66 backdoors and swept all the ETH, USDC, and USDT at these addresses, amounting to millions of dollars.”

The attack’s structure matters for investors and builders because it demonstrates a common automation pitfall: when systems rely on broad or reusable token allowances to operate efficiently, a malicious actor may focus on obtaining those allowances rather than breaking the underlying execution engine.



Why this matters for DeFi and automated trading


MEV activity is often discussed in terms of profitability and market mechanics, but the Jaredfromsubway.eth incident shifts attention to operational security. Even if a bot’s trading logic is intended to be automated and “trust-minimized,” that automation still has to interact with external contracts and grant permissions in order to operate.


The broader implication is that attackers can design environments that comply with the bot’s assumptions while quietly redirecting the outcome. In this case, the environment included fake token contracts and pools meant to look legitimate enough to trigger approvals—turning expected functionality into an exit path.


The timing and visibility of the story also add context. Earlier this year, Cointelegraph reported that Ethereum co-founder Vitalik Buterin was sandwiched by Jaredfromsubway.eth while swapping 26,544 DigitalBits, which was worth $2.11 at the time of writing. The harm in that example was reportedly minimal, but it illustrated that MEV bots may target transactions of any size. Saturday’s loss claim suggests the inverse is also true: high-profile MEV infrastructure can be targeted using the same automation pathways it uses to function.


Crypto investor and commentator David Gokhshtein reacted publicly to the news on X, framing it as a response to a bot that has benefited from sandwiching before—though he also cautioned against celebration.



What to watch next


For now, the key questions are how widespread similar approval-based counter-MEV tactics could be and whether bot operators will adjust their permissioning and contract interaction patterns to reduce exposure to authorization-driven drains. The next signal to monitor will be whether Blockaid’s described counter-MEV honeypot approach becomes a repeatable playbook—or prompts faster defensive changes across automated MEV systems.



https://www.cryptobreaking.com/sandwich-attack-bot-jaredfromsubway-eth/?utm_source=blogger%20&utm_medium=social_auto&utm_campaign=‘Sandwich%20attack’%20bot%20Jaredfromsubway.eth%20linked%20to%20$7.5M%20theft%20
Labels:

Comments

Post a Comment

Popular posts from this blog

Coinbase's x402 launches AI agents app store for payments

Coinbase-backed x402 has unveiled Agentic.market, a dedicated marketplace aimed at increasing the usefulness of AI agents by aggregating thousands of apps and services that agents can access without any API keys. The rollout positions the platform as a central hub for agents to discover, evaluate, and deploy capabilities across a standardized payments layer. Coinbase product lead Nick Prince described Agentic.market in a video posted on X as a storefront for discovering, comparing, and using x402 services. The marketplace is designed to give both humans and their AI agents access to a wide range of tools—from data feeds to consumer apps—without the friction of managing API credentials. A storefront for discovering, comparing, and using x402 services. Thousands of services. Zero API keys. Powered by x402. Prince added that the market offers a web interface for humans to browse and assess services, alongside a programming layer that lets AI agents autonomously search, filter, and integra...
Post a Comment
Read more

Mastercard Launches AI Agent Pay System With Ripple and Solana Help

Mastercard has launched Agent Pay for Machines, a payments system built for autonomous software agents. The service allows AI agents to send and receive payments without direct human action. It brings Ripple, Coinbase, and Solana Foundation into Mastercard’s push for automated digital commerce. Ripple Brings XRPL and RLUSD to Mastercard’s Agent Pay System Mastercard introduced Agent Pay for Machines on June 10 as a tool for machine-led payments. The system targets high-volume and low-value transactions across business and consumer use cases. It also supports automated settlement between software agents and connected machines. Ripple will support the system through the XRP Ledger and its RLUSD stablecoin. The company said that settlement will become more important as automated commerce grows. It also sees blockchain rails as useful for fast and rule-based payments. RippleX senior vice president Markus Infanger said XRPL and RLUSD support enterprise-grade agent payments. He said the tool...
Post a Comment
Read more

Top Cryptocurrencies to Watch: BTC, ETH, BNB, XRP, Solana, Dogecoin & More

Market Analysis and Price Predictions for Key Cryptocurrencies Recent market dynamics reveal a cautious sentiment across the cryptocurrency landscape, with Bitcoin struggling to maintain levels above $90,000 and many major altcoins facing downward pressure. Indicators point toward reduced participation from both institutional and retail investors, raising concerns about a potential consolidation phase after notable gains earlier in the year. Bitcoin has fallen below $87,000, reflecting waning demand at higher price points. Institutional fund flows into BTC and ETH ETFs have turned negative, indicating a period of subdued market activity. Active addresses and Binance deposit/withdrawal activities are at annual lows, suggesting market indecision. Most leading altcoins are approaching support levels, with some poised for potential breakdowns. Tickers mentioned: Bitcoin, Ethereum, Binance Coin, XRP, Solana, Dogecoin, Cardano, Bitcoin Cash, Chainlink, Hyperliquid Sentiment: Neutral to Sli...
Post a Comment
Read more