The Taxman Got Taxed: MEV Bot Jaredfromsubway.eth Loses $7.5M to Counter-Honeypot 🍯

One of crypto's most prolific maximal extractable value (MEV) bots, Jaredfromsubway.eth, was drained of more than $7.5 million on June 20 in what security researchers are calling a counter-MEV honeypot attack. The exploit weaponized the same automated, trust-minimized decision-making logic that has allowed the bot to extract hundreds of millions from everyday DeFi users through sandwich attacks. "This is not a classic phishing attack and not a traditional smart-contract vulnerability in the victim contract," Blockaid said on X. According to Blockaid, the attacker tricked Jaredfromsubway.eth into granting token approvals that were later used to sweep funds.

The scheme unfolded over several weeks. According to Blockaid chief technology officer Raz Niv, the attacker deployed 66 fake token contracts that mimicked the names and interfaces of Wrapped ETH ($ETH), USDC ($USDC), and USDt ($USDT) and paired them with fake liquidity pools designed to look like profitable trades. As Jaredfromsubway's bot chased the bait, it approved attacker-controlled helper contracts to spend real money on its behalf. "Ironically, in the process, it provided the attacker the keys to millions in the bot's treasury," Niv said. "And then in a single transaction, the attacker called all 66 backdoors and swept all the ETH, USDC, and USDT at these addresses, amounting to millions of dollars."

The proceeds included 1,583 ETH, 2.87 million USDC, and 2.09 million USDT, which were consolidated and swapped into 4,427 ETH. Multiple exact transfers of 100 ETH, each worth approximately $172,000, were then moved into Tornado Cash, with at least 1,000 ETH entering the mixer as laundering activity accelerated. Blockaid said the attack specifically targeted the automated logic of MEV bots rather than exploiting a flaw in any single smart contract, making the victims' own approval workflows the entry point.

The incident highlights the scale of Jaredfromsubway.eth's prior activity. Cointelegraph Research previously found that sandwich attacks on Ethereum cause about $60 million in annual losses for traders, and that between November 2024 and October 2025 there were 60,000 to 90,000 sandwich attacks per month, with roughly 70% of them linked to the same bot. In May, Ethereum co-founder Vitalik Buterin was sandwich attacked by Jaredfromsubway.eth while swapping 26,544 DigitalBits, then worth about $2.11. Reacting to news of the exploit, crypto investor and commentator David Gokhshtein said, "We shouldn't be happy about this; no one should celebrate ... but if you've ever been sandwiched by this ... I'm pretty sure you're not upset about this news."