jaredfromsubway MEV Bot Drained for $7.5 Million in Sophisticated Counter-MEV Honeypot
A major Ethereum MEV bot known as jaredfromsubway.eth was drained of roughly $7.5 million on Saturday in a clever counter-MEV attack.
What Happened
An attacker tricked the bot into approving malicious contracts, allowing them to steal its funds. The drained assets included WETH, USDC, and USDT.
Onchain security firm Blockaid and other analysts confirmed the total loss at approximately $7.5 million. The attacker later converted the funds into about 4,427 ETH and sent 1,000 ETH through Tornado Cash.
How the Attack Worked
The attacker spent weeks building an elaborate honeypot. They deployed 66 fake token contracts mimicking WETH, USDC, and USDT with counterfeit liquidity pools.
The MEV bot, programmed to hunt profitable sandwich trades, fell for the bait. It granted token approvals to attacker-controlled contracts. While small test trades worked normally, larger transactions left the approvals open, enabling the final drain.
About the jaredfromsubway Bot
The jaredfromsubway.eth bot has been one of Ethereum’s most active MEV operators since early 2023. It is famous for executing sandwich attacks — a type of Maximal Extractable Value (MEV) strategy.
The bot’s name references the disgraced former Subway spokesman Jared Fogle. It has processed tens of thousands of transactions and was once Ethereum’s top gas spender.
Unverified Bounty Claim
An X account (@jaredsmev) claiming to represent the bot posted about a $15 million loss and offered a $1 million bounty for fund recovery. However, most analysts believe this account is an impersonator.
Aftermath
The attack highlights growing risks in the MEV space, including sophisticated honeypot tactics targeting automated trading bots.
The real operator of jaredfromsubway.eth remains pseudonymous and has not issued an official statement.
