An unnamed attacker stole approximately $7.5 million [1] from the largest sandwich bot on the Ethereum blockchain this Sunday.
The exploit highlights the inherent risks of Maximum Extractable Value (MEV) strategies, where bots designed to profit from other traders can themselves become targets of similar tactics.
The bot, operated by Jaredfromsubway.eth, was drained of a combination of WETH, USDC, and USDT [1]. Reports said the attacker employed a counter-MEV trap to execute the theft [2]. This method involved tricking the bot into approving fake trading routes, which the attacker then used to authorize the removal of funds from the bot's wallet [1].
Sandwich bots typically operate by identifying pending transactions in the Ethereum mempool and placing orders around them to profit from the resulting price slippage. In this instance, the attacker reversed the dynamic by exploiting the bot's own approval mechanisms [2].
The total loss is estimated at $7.5 million [1], [2]. The incident occurred on-chain, meaning the transactions are permanently recorded on the Ethereum ledger, though the identity of the attacker remains unknown.
This event marks one of the most significant losses for a high-profile MEV bot to date. It demonstrates that even the most sophisticated automated trading tools can be vulnerable to logic errors or deceptive inputs if their approval protocols are not sufficiently guarded [2].
“An unnamed attacker stole approximately $7.5 million from the largest sandwich bot on the Ethereum blockchain.”
This exploit illustrates the 'predator becoming the prey' dynamic within the Ethereum MEV ecosystem. By using a counter-MEV trap, the attacker turned the bot's automated approval process into a liability, signaling that as automated trading strategies evolve, the security of the smart contracts and approval logic governing those bots becomes as critical as the trading algorithms themselves.
