Newsgather
BackJaredfromsubway Trading Bot Suffers $7.5 Million Exploit
Jaredfromsubway Trading Bot Suffers $7.5 Million Exploit
Developing
Decrypt6/22/2026Business2 min read

Jaredfromsubway Trading Bot Suffers $7.5 Million Exploit

Quick Look

  • The popular trading bot Jaredfromsubway was exploited for $7.5 million in a sophisticated attack involving fake tokens and fraudulent smart contracts.
  • The bot's logic was exposed, allowing an attacker to drain funds.
  • The operator offered a bounty for the return of stolen assets.

AI-generated summary

Why It Matters

A well-known trading bot named Jaredfromsubway, known for sandwich attacks, was exploited for $7.5 million due to fake tokens and fraudulent smart contracts. The operator offered a bounty for the return of funds.

Font size

In brief

Jaredfromsubway, a well-known trading bot, fell victim to a series of transactions that left its logic exposed to malicious behavior.

The trading bot has developed a reputation for so-called sandwich attacks, but it was abused by fake tokens and fraudulent smart contracts.

Jaredfromsubway’s operator offered the attacker a bounty, yet a portion of the stolen funds had been transferred to Tornado Cash.

A well-known trading bot took a notable hit this weekend after it fell victim to a series of transactions that left its logic exposed to malicious behavior.

The $7.5 million attack, which took place on Saturday, marked a sudden setback for “jaredfromsubway” and the formula it has used to quietly notch profits on Ethereum for years.

The trading bot has been credited with perfecting the so-called sandwich attack. The strategy is widely viewed as a form of market manipulation on decentralized exchanges, involving trades that are placed around pending transactions and hurt price execution.

Essentially, an attacker presented jaredfromsubway with misleading opportunities that later allowed the bad actor to drain legitimate funds, according to security firm Blockaid. The scheme boiled down to fake tokens and fraudulent smart contracts, Blockaid added in an X post.

Jaredfromsubway is designed to continuously scan for profitable trades, and in order to act on them, it occasionally needs to provide entities with permission to move funds on its behalf.

Some transactions that jaredfromsubway engaged in revoked those powers as soon as they were completed, while the ones that were crafted later by the attacker didn’t. “That left attacker-controlled spenders armed,” Blockaid explained.

Although the crypto industry has developed several services to prevent sandwich attacks, entities like jaredfromsubway are viewed, in some ways, as unavoidable. However, Saturday’s attack showed that the trading bot’s logic is far from infallible.

The trading bot’s operator appeared to recognize this. In an on-chain message, they offered a “50% white hat bounty” for the return of 2,150 Ethereum, currently valued at roughly $3.7 million, within the next 48 hours. Otherwise, the individual behind the bot threatened to pursue legal remedies and involve law enforcement.

“Finally, someone punished the infamous sandwich attacker,” an onlooker remarked on X. “People don't die without experiencing what they've inflicted on others.”

Sandwich attacks fall under the umbrella of Maximal Extractable Value (MEV). Coined in 2019, the term refers to validators and other participants who are able to generate profits by reordering transactions before they are finalized.

Following the exploit on Saturday, the attacker appeared to begin covering their tracks.

Open Questions

  • Will the attacker be apprehended?
  • What legal actions will be taken?
  • How will this impact future MEV strategies?

Related Topics

This article was originally published by Decrypt.

Related Stories

More on this topicjaredfromsubway