Ethereum’s most popular MEV bot loses $7.5 million in an on-chain honeypot

An attacker drained nearly $7.5 million from JaredFromSubway MEV, one of the most active sandwich attack schemes in Ethereum, after tricking it into agreeing to spend a token that should never have been granted.

Security firm Blockaid, which reported the incident, said the bot did not suffer a smart contract flaw, phishing attack, or private key leak. Instead, the attacker turned the bot’s profit logic against him.

How the MEV robot was scammed

The JaredFromSubway MEV bot runs an automated strategy that scans the pool of Ethereum memories in search of profitable trades. This practice is known as Maximum extractable value.

The robot runs the front and back of other trades to capture the price difference, a tactic called a sandwich attack.

It became notorious in April 2023. In one day, it burned over $1 million worth of gas, roughly 8% of the total gas. Ethereum gas spending.

I remember that in 2023, Jared From Subway was making close to a million dollars a day from memecoin front-end traders

It was really cool https://t.co/udufw39Zry pic.twitter.com/KL5q4ZIfrq

– Good (@thenarrator) June 20, 2026

The attacker spent weeks spreading 66 fake token contracts. The counterfeit coins imitated Wrapped Ether (WETH), US Dollar Coin (USDC), and Tether (USDT).

#PeckShieldAlert Specter reported this #MEV bot #JaredFromSubway It appears that approximately $7.5 million worth of cryptocurrencies have been drained, including 1,474.58 $WETH2.87 m USD/USD& 2 m $USDT.

The attacker exchanged the stolen funds for 4.4K ETH and actually deposited 1K ETH into it #TornadoCash pic.twitter.com/qY6IVDdnGJ

– Peak Shield Alert (@peakShieldAlert) June 20, 2026

To the robot, these nodes looked like paths they were designed to chase. I took the bait and agreed to spend on attacker-controlled aid contracts. Only one approval delivered over 92 WETH.

Then use the final contract for those open allowances Sweep Real money from robot.

MEV reverse trap

The trap turned the robot’s speed and aggressiveness into a weakness. Hunting MEV bots is nothing new. In 2023, a rogue auditor drained about $25 million from… MEV sandwich robots.

“Attacker-controlled contracts trick MEV’s automated execution system into granting token approvals, which are later used to drain funds,” Blockaid. Shown.

Sandwich attacks like this have long drawn criticism for their actions Invisible tax On daily traders.

The robot operator estimated the loss at about $15 million. They also offered a $1 million reward to return the money. Blockaid and PeckShield assess on-chain attrition at approximately $7.5 million in WETH, USDC, and USDT.

Which operator recovers anything may now depend on the attacker accepting that offer.

this post Ethereum’s most popular MEV bot loses $7.5 million in an on-chain honeypot appeared first on BeInCrypto.

Source link