Community Trust ScoreVerified
A single bot. $7.5 million gone. And the Ethereum network still doesn’t have a clean answer for how it happened at this scale.
The bot known as jaredfromsubway.eth basically owned the sandwich attack game on Ethereum between November 2024 and October 2025, accounting for 70% of all such attacks during that stretch. That’s not a rounding error — that’s dominance. The kind of market share that, in any other industry, would trigger antitrust conversations. Here it just triggers wallet losses and a lot of frustrated developers.
Sandwich attacks aren’t new.
But the sheer concentration of them in one bot’s hands is what makes jaredfromsubway.eth different. The mechanics are pretty straightforward, even if the execution is technically demanding: the bot spots a pending transaction, jumps in front of it with a buy order, waits for the victim’s trade to push the price up, then immediately sells into that movement. The victim gets a worse price. The bot pockets the spread. Repeat thousands of times and you’re looking at $7.5 million in extracted value.
How One Bot Captured 70% of Ethereum’s Sandwich Activity
Ethereum’s transaction sequencing has always had soft spots. The way transactions sit in the mempool — publicly visible before they’re confirmed — creates a window that sophisticated bots can exploit. Jaredfromsubway.eth clearly had a sophisticated read on those windows. Its ability to capture 70% of sandwich attacks over roughly a year points to something built with real technical depth, not a hobbyist script running on a laptop somewhere.
The identity behind the bot is still murky. Blockchain technology gives operators a layer of anonymity that’s genuinely hard to crack, and whoever built jaredfromsubway.eth seems to have understood that well. No name, no public wallet tied to a known entity, no slip-ups that the community has been able to pin down publicly. Unclear whether that changes anytime soon.
What’s clear is the financial damage. $7.5 million extracted from traders who probably didn’t even know they were being sandwiched in real time. Most victims wouldn’t see it in their transaction history as an “attack” — they’d just see a slightly worse execution price and move on. That’s kind of the insidious part of it. The losses are diffuse. Spread across hundreds or thousands of trades. No single victim gets hit for a life-changing amount, but the aggregate is enormous.
Ethereum Developers Scramble for Countermeasures
The Ethereum developer community isn’t ignoring it. Discussions are ongoing about potential upgrades and protocol changes that could reduce the attack surface for bots like this one. But specific solutions haven’t been announced yet, and the decentralized nature of Ethereum makes rolling out comprehensive fixes genuinely hard. There’s no single authority that can just push a patch.
Some of the conversations are focused on transaction sequencing itself — whether there are ways to reduce the mempool’s transparency in ways that don’t break other things. Others probably involve slippage controls and better tooling for end users. But details remain undisclosed, and the community seems to be in the analysis phase more than the deployment phase right now.
That’s probably the honest place to be. Rushing a fix for something this technically complex could create new vulnerabilities. And jaredfromsubway.eth’s run — 70% of all sandwich attacks over a full year — is actually useful data. It maps the attack surface in a way that vague theoretical discussions can’t.
Decentralized finance protocols have been hit hard by this kind of activity broadly, not just from this one bot. The wider DeFi space has spent years grappling with MEV — maximal extractable value — as a structural feature of how public blockchains work. Sandwich attacks are one of the more visible and damaging forms of MEV extraction. Jaredfromsubway.eth just happened to be exceptionally good at it.
And that’s what makes the $7.5 million figure worth sitting with for a second. It’s not just a theft number. It’s a measure of how much value can be systematically drained from ordinary traders by a single sophisticated actor operating entirely within the technical rules of a network. No hack. No exploit in the traditional sense. Just a bot that understood the sequencing better than everyone else.
No concrete timeline for fixes. No named developers attached to specific proposals. The community keeps watching the mempool.
Frequently Asked Questions
What exactly is a sandwich attack on Ethereum?
A sandwich attack happens when a bot spots a pending trade in the mempool, places a buy order just before it and a sell order just after, profiting from the price movement the victim’s own transaction creates.
How much did jaredfromsubway.eth extract through sandwich attacks?
The bot was linked to $7.5 million in extracted value through sandwich attacks on Ethereum, accounting for 70% of all such attacks between November 2024 and October 2025.
