JaredFromSubway.eth MEV Bot Hack

TOTAL LOST $7.5M
Medium Other

Summarize with AI

ChatGPT Perplexity Claude Grok
Affected Chain 2026 Incident surface
Recovered - No recovery reported
All-Time Rank #355 By amount stolen
Protocol Type Exploit/Other Target category

Incident Overview

Quick Summary

In 20th June 2026, the highly prominent Ethereum-based sandwich-attack MEV bot operated by JaredFromSubway.eth suffered a devastating business logic exploit, resulting in a loss of approximately $7.5 million.

Details of the Exploit

The incident was a sophisticated "reverse honeypot" trap targeting the bot’s automated execution and routing logic rather than an inherent vulnerability within the Ethereum network or standard DeFi protocols. Over several weeks of preparation, the attacker deployed 66 fake token wrapper contracts and sham liquidity pools designed to closely mimic legitimate assets like WETH, USDC, and USDT. The attacker then fed malicious, artificial trading opportunities into the memepool to bait the automated sandwiching bot.

When the MEV bot executed its standard arbitrage routine on these decoy pairs, its routing logic was tricked into granting unrestricted token approvals to the attacker-controlled helper contracts. Once these multi-million dollar token allowances were securely trapped and preserved, the attacker executed a sweep transaction using transferFrom, pulling real WETH, USDC, and USDT directly out of the bot's wallet. The attacker swapped the extracted assets for roughly 4,400 ETH, aggressively routing the proceeds through Tornado Cash.

Incident Report

Protocol / Project JaredFromSubway.eth MEV Bot
Date of Incident
Attack Technique Other
Classification Other
Primary Source View Post-Mortem

Protocol Information

Protocol Type Exploit/Other
Team Anonymous
Source Code Unverified

What the Attacker Needed to Succeed

Understanding the prerequisites for this type of attack helps auditors identify protocols that are most at risk and helps developers build better defenses.

Technical Knowledge Deep understanding of other and Solidity and EVM internals
Capital Required Seed capital to cover gas and initial position setup
On-Chain Access Ability to interact with smart contracts and deploy a custom exploit contract
Protocol Analysis Identification of the exploitable vulnerability in JaredFromSubway.eth MEV Bot's contract logic - root cause: other
Execution Speed Precise transaction ordering and timing to exploit the vulnerability within a single atomic block
Obfuscation Plan A strategy to launder and move stolen funds - typically through mixers, cross-chain bridges, or decentralized DEX swaps to resist tracing

What Auditors Should Check

Could this have been caught in audit? Likely — with a thorough Other audit checklist and test coverage

If you're auditing a protocol with similar architecture to JaredFromSubway.eth MEV Bot, these are the critical security checks that could have prevented this incident (June 2026).

  • Verify all logic paths related to Other are guarded by proper access controls and input validation
  • Review privileged functions (owner, admin, governance) for potential abuse vectors - centralization risks should be documented and bounded with timelocks or multi-sigs

Master these auditing techniques with hands-on labs and real exploit scenarios in the Smart Contract Hacking course.

Free Trial

Sources & References

Browse all hacks

These hacks used the same attack technique. Understanding the pattern helps prevent future exploits.

Taiko $1.7M
Other
Aztec $2.0M
Other
Aztec $2.0M
Other
Raydium $1.3M
Other
ATM Token $244K
Other
Alephium $815K
Other

Learn to Prevent the Next JaredFromSubway.eth MEV Bot

The JaredFromSubway.eth MEV Bot hack is one of many attacks that skilled auditors are trained to detect before deployment. Master real exploit patterns and defense techniques with hands-on Web3 security training.

Start Free Trial Browse Attack Library
Recreate exploit patterns safely Free Trial