A leading Ethereum MEV bot, Jaredfromsubway.eth, has reportedly been drained of more than $7.5 million after an attacker exploited weaknesses in the bot’s automated execution workflow. The incident highlights a critical, often underappreciated risk for MEV infrastructure: once a bot is trusted with permissions, attackers only need to trick it into granting the right approvals to move funds.

According to Blockaid, the attacker used attacker-controlled contracts to manipulate Jaredfromsubway.eth’s automated MEV execution system into issuing token approvals that were later used to drain funds. Blockaid described the event as neither a classic phishing attempt nor a straightforward smart-contract vulnerability in the bot’s victim contracts.

Key takeaways

Blockaid attributes the theft to malicious approvals: attacker-controlled contracts induced Jaredfromsubway.eth to authorize spending before sweeping funds.
The attack was “counter-MEV” in design, targeting the bot’s trust-minimized decision logic and execution pipeline rather than attempting to directly compromise the bot’s private keys.
Fake token and liquidity artifacts played a central role, with the attacker deploying dozens of contracts designed to resemble major Ethereum assets and venues.
The event reinforces systemic MEV exposure—even bots that target profitable opportunities can become liabilities if they approve the wrong spending permissions.

What Blockaid says happened

In its account of the incident, Blockaid said the attacker’s main move was to exploit how automated MEV bots operate: by monitoring activity and then executing trades based on what appear to be profitable on-chain opportunities. In this case, the “profitable” paths were set up by the attacker using contracts that behaved like bait.

Blockaid noted that the event on Saturday did not resemble a typical phishing scenario, and it was not characterized as a traditional smart-contract bug in the bot’s victim logic. Instead, the focus was on the automated execution system itself—specifically the token approval steps that enable a bot to interact with assets and helper contracts during MEV operations.

A “honeypot” aimed at the bot’s approvals

Blockaid’s chief technology officer, Raz Niv, told Cointelegraph that the attack functioned as a counter-MEV honeypot. The strategy, he explained, was to target the bot’s trust-minimized decision-making logic—the part that determines which trades to pursue and which contracts to empower.

Over several weeks, the attacker allegedly deployed 66 fake token contracts designed to imitate familiar assets such as Wrapped ETH (WETH), USDC, and USDT, pairing them with fake liquidity pools. The goal was to create the appearance of trade opportunities that automated systems like Jaredfromsubway.eth are programmed to seek.

Once the bot interacted with these counterfeit contracts, Jaredfromsubway.eth reportedly approved certain attacker-controlled helper contracts that would later be used to move real funds. As Niv put it, the bot effectively handed over “the keys” to its treasury—an important reminder that approvals can be as dangerous as vulnerabilities when automation is involved.

“And then in a single transaction, the attacker called all 66 backdoors and swept all the ETH, USDC, and USDT at these addresses, amounting to millions of dollars.”

Why this matters beyond one wallet

MEV bots are typically described as automation that scans unconfirmed or pending activity and then reorders or manipulates transactions to extract profit. In doing so, they can impose an “invisible tax” on DeFi users—an issue that has drawn substantial research attention over the years.

Earlier Cointelegraph Research found that sandwich attacks on Ethereum caused roughly $60 million in annual losses for traders, with the analysis also reporting 60,000 to 90,000 sandwich attacks per month between November 2024 and October 2025. That same research said around 70% of those attacks were associated with Jaredfromsubway.eth.

This new development turns the spotlight from the bot’s profit extraction methods to the security assumptions that power those same operations. When an MEV system depends on automated approvals and execution pathways, attackers may not need to break cryptography or exploit a bug in victim contracts. They may only need to engineer on-chain interactions that cause the bot to authorize spending to attacker-controlled addresses.

MEV’s reach has been wider than people realize

While this reported drain is by far the most serious outcome, Cointelegraph noted another instance involving Jaredfromsubway.eth: in May, Ethereum co-founder Vitalik Buterin was sandwich attacked while swapping 26,544 DigitalBits (worth $2.11 at the time of Cointelegraph’s writing). The losses in that case were reportedly small, but it underscored that MEV bots can target even relatively modest transactions.

The broader point for market participants is that MEV activity is not limited to high-profile trades. It can reach across liquidity conditions and transaction sizes, depending on how opportunities appear to bots in real time. For users and integrators, that reality has been part of the ongoing debate around fairness, transparency, and how encrypted transaction infrastructure changes the incentives for adversaries.

It’s also a reminder that the line between attacker and victim in MEV is frequently thinner than the public narrative suggests. The same operational patterns that enable profit extraction can be subverted—particularly when bots must make rapid execution decisions and grant permissions without full guarantees about the counterparties they’re dealing with.

Going forward, investors, DeFi users, and builders should watch for two signals: whether this incident triggers wider scrutiny of how MEV bots handle approvals and “helper” contracts, and whether similar “counter-MEV honeypot” tactics appear against other automated systems. The technical details of token-approval misuse are often portable, and the next exploit may be less about one bot’s identity and more about the shared automation patterns that many MEV tools rely on.