Summary
- The trading bot known as Jaredfromsubway experienced a significant loss due to a series of transactions that compromised its operational logic.
- This bot has been known for executing sandwich attacks but was exploited through fraudulent tokens and smart contracts.
- The operator of Jaredfromsubway has proposed a bounty for the return of stolen assets, while some of the funds have already been moved to Tornado Cash.
This weekend, the trading bot Jaredfromsubway suffered a considerable setback, losing $7.5 million after being targeted by a malicious series of transactions that exploited its operational logic.
The incident, which occurred on Saturday, represents a stark blow to the bot that has consistently generated profits on Ethereum over the years.
Jaredfromsubway is recognized for executing what are known as sandwich attacks, a strategy that is often considered a form of market manipulation on decentralized exchanges. This method involves placing trades around pending transactions, which adversely affects price execution.
According to the security firm Blockaid, the attacker misled Jaredfromsubway with deceptive opportunities, which ultimately allowed them to siphon off legitimate assets. The scheme relied on fraudulent smart contracts and fake tokens, Blockaid noted in a post on X.
The bot is programmed to continuously search for profitable trading opportunities and often needs to authorize certain entities to manage funds on its behalf. Some of the transactions executed by Jaredfromsubway had permissions that were revoked immediately after completion, while the later transactions crafted by the attacker retained those permissions. “This left the attacker with the ability to control funds,” Blockaid elaborated.
Despite the crypto sector developing several measures to mitigate sandwich attacks, entities like Jaredfromsubway are often seen as unavoidable targets. However, this incident illustrates that the bot’s logic is not foolproof.
The operator of the bot acknowledged this vulnerability. In an on-chain message, they proposed a “50% white hat bounty” to recover 2,150 Ethereum, which is currently valued at approximately $3.7 million, within 48 hours. If not, the operator threatened to seek legal recourse and involve law enforcement.
You can't make this up 💀
The wallet associated with metamask.eth had something to say to JaredFromSubway regarding his recent onchain bounty request.
There’s virtually no chance that the individual or group behind the exploit will accept the bounty, nor is it likely that Jared will pursue legal action… https://t.co/bSDkGZJ4Ik pic.twitter.com/3Xhx0YKH2T
— zubic (@zubic_eth) June 22, 2026
“Finally, someone punished the notorious sandwich attacker,” commented an observer on X. “People don’t face consequences without experiencing the impact of their own actions.”
Sandwich attacks are categorized under Maximal Extractable Value (MEV), a term first introduced in 2019, describing how validators and other participants can profit by rearranging transactions before they are finalized.
After the attack on Saturday, the perpetrator seemed to begin concealing their tracks. Security firm PeckShield reported in a post on X that—following their theft of wrapped Ethereum and stablecoins—a portion of the funds was swapped and partially deposited into Tornado Cash, a platform commonly used by attackers to obscure the trail of their illicit gains.