Community Trust ScoreVerified
One of Ethereum’s most active MEV bots just got played. JaredFromSubway.eth—a bot with 6.4 million transactions under its belt—walked straight into a trap and lost $7.5 million in crypto, drained across nearly 100 blocks by an attacker who knew exactly how the bot thought.
Blockchain investigator Specter caught the suspicious activity first. The numbers are pretty brutal: approximately 1,475 WETH (worth around $2.6 million at the time), $2.9 million in USDC, and $2 million in USDT were pulled out of the bot’s wallet. The targeted address, labeled “jaredfromsubway: MEV Bot 2” on Etherscan, had been running since August 2024. It’s the second iteration of a bot that built its whole business around “sandwiching”—a strategy where the bot spots a pending trade, jumps in front of it, and then sells into the price bump it caused. Profitable, yes. Loved by the community? Not really.
How the Trap Actually Worked
The attacker didn’t brute-force anything. Yearn developer Banteg broke down the mechanics: over 97 Ethereum blocks, the attacker dangled what looked like small, easy sandwich opportunities involving fake token pairs. The bot bit. Again and again. Each trade seemed fine on the surface—just another routine sandwich play. But each one also got the bot to approve the attacker’s contracts to access its WETH, USDC, and USDT holdings.
That’s the key part. The approvals built up quietly, block by block, until the attacker had everything they needed. Then came the final move: one massive withdrawal that emptied the wallet. The bot basically handed over the keys itself, one small approval at a time. Slow, patient, and apparently very well planned.
Ninety-seven blocks. That’s not a smash-and-grab. That’s a siege.
Scams, Bounties, and “Well Played”
After the hack went public, the chaos started fast. A recently renamed X account called “jaredsmev” started posting fake bounty offers, claiming rewards between $1 million and $7.5 million for information. At least one major crypto news outlet briefly shared one of those fraudulent offers before pulling it down. The confusion around the total loss made it easy for scammers to muddy the water.
The real operator of JaredFromSubway.eth took a different route. Through an on-chain message—no intermediaries, just a direct blockchain transaction—the operator reached out to the attacker. The message opened with “Well played,” which is either genuine respect or the most frustrated compliment in DeFi history. Probably both. The operator asked for 2,150 ETH back, which represents roughly half the stolen funds, and gave the attacker 48 hours to comply. Legal action was on the table if the deadline passed without a response.
No response came. At least not publicly.
And then there’s the Robin Hood angle. Some users who’d previously been sandwiched by JaredFromSubway.eth’s bot contacted the attacker directly, asking for refunds. A few praised the whole thing as a kind of rough justice. MEV bots aren’t exactly popular—they extract value from ordinary traders without adding much back—so the community reaction was split. Some called the attack clever and deserved. Others pointed out that celebrating theft, even against a bot they dislike, sets a messy precedent for DeFi security norms.
The operator, for their part, kept engaging on-chain. Rare to see that level of direct communication in a situation like this, but it’s one of the stranger features of decentralized finance—when something goes wrong, the parties involved can talk directly through the blockchain itself, no lawyers needed in the first round.
The attacker’s silence makes everything murkier. No public statement, no response to the bounty offer, no acknowledgment of the on-chain messages. Whether the 2,150 ETH ever moved back is unclear. The 48-hour window the operator set has long passed, and the funds’ status wasn’t confirmed in the source material.
What’s not murky: the bot approved those contracts itself. The attacker found a way to turn the sandwiching strategy against the sandwich maker, using patience and fake token pairs instead of any obvious exploit. MEV bots operate in a competitive, largely unregulated corner of DeFi, and that’s always carried risk. It’s just that the risk usually flows in the other direction—toward regular traders getting front-run on every swap.
The operator’s on-chain message ended with a warning of legal consequences. The attacker’s wallet held $7.5 million.
Hub: USDC price, news, and analysis
Frequently Asked Questions
What exactly did JaredFromSubway.eth lose in the attack?
The bot lost approximately 1,475 WETH (around $2.6 million), $2.9 million in USDC, and $2 million in USDT, totaling $7.5 million extracted across 97 Ethereum blocks.
What bounty did the bot’s operator offer the attacker?
The operator sent an on-chain message offering to accept the return of 2,150 ETH—roughly half the stolen funds—within 48 hours, and warned of legal action if the deadline wasn’t met.
