The Ethereum MEV bot known as Jaredfromsubway.eth — at one point responsible for 70% of sandwich attacks on the network — was itself exploited for $7.5 million. The incident, which came to light this week, marks a rare case of an attacker turning the tables on a prominent predatory trading operation.
Who got hit
Jaredfromsubway.eth was the dominant player in Ethereum sandwich attacks between November 2024 and October 2025, executing roughly seven out of every ten such trades. Sandwich attacks work by placing a buy order just ahead of a victim's pending transaction and a sell order right after, skimming profit from the price move. The bot's operator, whose real identity remains unknown, had been running what was essentially a private extraction machine on the network.
How the exploit worked
Details are still sparse, but on-chain data shows the attacker managed to drain roughly $7.5 million from wallets controlled by Jaredfromsubway.eth. The method appears to have involved a vulnerability in the bot's own smart contract logic — the kind of flaw Jaredfromsubway.eth had likely exploited in others. The stolen funds have since moved through several mixers, making recovery unlikely.
The timing isn't great for the broader MEV ecosystem. Jaredfromsubway.eth's dominance had already drawn regulatory scrutiny and user complaints about frontrunning on Ethereum. An exploit of this size — on a bot that was itself a notorious extraction tool — undercuts the argument that MEV is a victimless optimization. It also raises a practical question: if the top sandwich bot can get cleaned out, how safe are the rest?
No exchange or protocol has publicly claimed responsibility for the attack. The affected operator hasn't issued a statement. What's clear is that the attacker walked away with millions, and the bot that once terrorized Ethereum traders has been silenced, at least for now.
