One of crypto’s most prolific MEV bots just lost more than $7.5 million after an attacker spent weeks setting a very patient trap. Jaredfromsubway.eth, a bot notorious for extracting millions from everyday traders through sandwich attacks, was beaten at its own game when a carefully engineered scheme tricked its automated systems into handing over access to its treasury.
According to Cointelegraph, the incident happened on a Saturday and was confirmed by blockchain security firm Blockaid. The attacker used fake token contracts and fake liquidity pools to manipulate the bot’s own decision-making logic, the same logic it uses to profit from traders every day.
“This is not a classic phishing attack and not a traditional smart-contract vulnerability in the victim contract,” Blockaid said on X. Instead, Blockaid’s chief technology officer Raz Niv described it as a “counter-MEV honeypot attack” that specifically targeted the automated, trust-minimized execution system that MEV bots rely on.
To understand why this matters, it helps to know what MEV bots actually do. MEV stands for maximal extractable value. These are automated programs that watch the mempool, the queue of unconfirmed transactions on a blockchain, and insert themselves into the order of transactions to extract profit. A sandwich attack is one of the most common tactics: the bot spots a pending trade, places a buy order just before it and a sell order just after, pushing up the price for the original trader and pocketing the difference. It’s a form of profit extraction that Cointelegraph Research has linked to roughly $60 million in annual losses for traders.
Jaredfromsubway.eth was the dominant player in this space. Between November 2024 and October 2025, there were 60,000 to 90,000 sandwich attacks per month on Ethereum, and about 70% of them were linked to this single bot. Even Ethereum co-founder Vitalik Buterin was caught in one of its traps in May, when the bot sandwiched his swap of 26,544 DigitalBits tokens. The losses were tiny, but the moment highlighted that no transaction is too small to be a target.
The attack that took down Jaredfromsubway.eth was anything but impulsive. According to Niv, the attacker spent several weeks deploying 66 fake token contracts that mimicked the names and interfaces of major assets like Wrapped ETH, USDC, and USDT. These fakes were then paired with fake liquidity pools designed to look like profitable trading opportunities, exactly the kind of setup an MEV bot is programmed to chase.
As the bot kept interacting with these fake contracts over time, it was slowly manipulated into approving attacker-controlled helper contracts to spend real funds on its behalf. Then, in a single transaction, the attacker called all 66 backdoors at once and swept the ETH, USDC, and USDT held across those addresses.
“Ironically, in the process, it provided the attacker the keys to millions in the bot’s treasury,” Niv said.
Some of the stolen funds have already been sent to Tornado Cash, a crypto mixing service, according to onchain data, which makes recovery unlikely.
The reaction from the crypto community has been mixed. Some have pointed out that the bot was drained using a version of the same manipulation it inflicted on others for years. Crypto commentator David Gokhshtein put it plainly: “We shouldn’t be happy about this; no one should celebrate… but if you’ve ever been sandwiched by this… I’m pretty sure you’re not upset about this news.”
The incident is a rare and significant setback for the MEV ecosystem. It also raises real questions about how automated systems can be manipulated through long-term, methodical deception rather than a single exploit. The attacker didn’t find a bug in a smart contract. They understood how the bot thought and built a trap around it, which is a much harder class of attack to defend against.
For the broader DeFi space, the story cuts both ways. MEV bots like Jaredfromsubway.eth have long been criticized for acting as an invisible tax on ordinary users. But the same automation that makes them profitable also makes them vulnerable to anyone patient enough to study their behavior and exploit it.