Close Menu
Altcoinvest
    What's Hot

    Bitcoin Warning: This Is The ONLY Level You Need To Pay Attention To!

    July 14, 2026

    JPMorgan sees Hyperliquid partnership weighing on Circle, Coinbase

    July 14, 2026

    Chart Decoder Series: Donchian Channels: How Traders Spot Breakouts 

    July 14, 2026
    Facebook X (Twitter) Instagram
    Altcoinvest
    • Bitcoin
    • Altcoins
    • Exchanges
    • Youtube
    • Crypto Wallets
    • Learn Crypto
    • bitcoinBitcoin(BTC)$64,229.002.34%
    • ethereumEthereum(ETH)$1,876.225.31%
    • tetherTether(USDT)$1.00-0.01%
    • binancecoinBNB(BNB)$581.082.03%
    • usd-coinUSDC(USDC)$1.00-0.01%
    • rippleXRP(XRP)$1.102.25%
    • solanaSolana(SOL)$77.241.46%
    • tronTRON(TRX)$0.325725-0.07%
    • Figure HelocFigure Heloc(FIGR_HELOC)$1.031.92%
    • HyperliquidHyperliquid(HYPE)$64.921.18%
    Altcoinvest
    Home»Altcoins»JaredFromSubway MEV bot gets drained in $7.5m approval trap
    JaredFromSubway MEV bot gets drained in .5m approval trap
    Altcoins

    JaredFromSubway MEV bot gets drained in $7.5m approval trap

    June 21, 2026
    Share
    Facebook Twitter LinkedIn Pinterest Email

    JaredFromSubway MEV bot gets drained in $7.5m approval trap

    Ethereum’s well-known MEV bot JaredFromSubway was drained after an attacker used contracts that made its automated trading system grant token approvals, according to Blockaid.

    Summary

    • Blockaid says attacker-controlled contracts tricked JaredFromSubway’s automated system into granting approvals later used for draining.
    • Jared publicly claimed a $15 million loss, while Blockaid’s public estimate stood near $7.5 million.
    • Crypto.news previously tied JaredFromSubway to Vitalik Buterin’s swap and heavy Ethereum gas use in 2023.

    The security firm said the incident was not a normal phishing case and not a direct bug in the victim contract. 

    “This is not a classic phishing attack and not a traditional smart-contract vulnerability in the victim contract,” Blockaid said. 

    The firm said the bot approved attacker-controlled contracts during routes that appeared to be profitable MEV trades.

    🚨Community Alert:
    Blockaid Exploit Detection system detected an exploit involving the @jaredsmev MEV bot on Ethereum.
    The incident resulted from attacker-controlled contracts tricking an automated MEV execution system into granting token approvals, later used to drain funds.…

    — Blockaid (@blockaid_) June 20, 2026

    Blockaid says approvals stayed open

    Blockaid said the attacker first tested routes where approvals were used at once, leaving no open allowance. Later, the attacker changed the route design so the bot gave approvals that were not spent or revoked.

    One example cited by Blockaid involved an approval of about 92.16 WETH to an attacker helper contract. Etherscan data for the transaction showed jaredfromsubway.eth interacting with its MEV Bot 2 contract before the later sweep. The transaction record also showed ERC-20 movements tied to the same automated route.

    Final sweep hit WETH, USDC and USDT

    The final transaction used the open approvals to pull WETH, USDC and USDT from the JaredFromSubway MEV bot contract through transferFrom. Etherscan showed transfers from “jaredfromsubway: MEV Bot 2” to the attacker wallet beginning with 0x3e37.

    Blockaid put the drained amount at about $7.5 million. The JaredFromSubway account later claimed the loss was $15 million and offered a $1 million bounty for the full return of the funds. That difference has not been fully explained in the public posts reviewed.

    🚨 Major incident: My MEV bot JaredFromSubway.eth was just drained for $15M

    I am offering a $1,000,000 USD bounty for the full return of the funds

    No Q asked. Full confidentiality and safe return guaranteed. This is a legitimate, time-sensitive bounty.
    Contact me privately. https://t.co/5VXfdg9tap

    — Jaredfromsubway.eth (@jaredsmev) June 20, 2026

    How the attacker turned the bot’s logic against it

    The attack appears to have targeted the bot’s own trading workflow. MEV bots watch Ethereum activity and act on transactions that look profitable. In this case, attacker-controlled contracts made the route look useful enough for the bot to approve spending rights.

    The attacker used 66 fake token contracts that copied the look and function of WETH, USDC and USDT. These contracts were paired with fake liquidity pools. The setup pushed the bot toward approvals that later became the path for the drain.

    JaredFromSubway’s record is back in focus

    JaredFromSubway is one of Ethereum’s most watched sandwich bots. In a sandwich attack, a bot places trades before and after a user’s swap. This can give the user a worse price while the bot captures the spread.

    As previously reported by crypto.news, JaredFromSubway targeted a small swap by Ethereum co-founder Vitalik Buterin in April, using about $1.14 million in WETH volume across SushiSwap and Uniswap V2. Crypto.news also reported in 2023 that the bot used 455 ETH in gas within 24 hours and accounted for about 7% of Ethereum gas use during that period.

    The exploit now puts attention on token approvals used by automated systems. The case shows how a system built to act quickly on open market data can be steered into unsafe permissions when controls around approvals are weak. It also adds a new chapter to the wider debate over MEV, sandwich trades and user protection on Ethereum.

    For now, the key public details remain split between Blockaid’s technical thread, the on-chain records and posts from the JaredFromSubway account. No recovery had been confirmed in the reviewed updates.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    JPMorgan sees Hyperliquid partnership weighing on Circle, Coinbase

    July 14, 2026

    SBI Secures XRP Lending Infrastructure; 969 Million Shiba Inu (SHIB) on Exchanges Fuel 76% Spike; Wintermute Details 2 Key Bitcoin Recovery Catalysts – Morning Crypto Report

    July 14, 2026

    ECB Selects 36 Providers for Digital Euro Pilot

    July 14, 2026

    Gas Subsidy Fuels L2 Surge

    July 14, 2026
    Add A Comment

    Comments are closed.

    Tweets by InfoAltcoinvest

    Top Posts

    JPMorgan sees Hyperliquid partnership weighing on Circle, Coinbase

    July 14, 2026

    SBI Secures XRP Lending Infrastructure; 969 Million Shiba Inu (SHIB) on Exchanges Fuel 76% Spike; Wintermute Details 2 Key Bitcoin Recovery Catalysts – Morning Crypto Report

    July 14, 2026

    ECB Selects 36 Providers for Digital Euro Pilot

    July 14, 2026

    Bitcoin & Crypto Trading Blog – CEX.I

    March 5, 2026

    XRP Price Prediction: $650 Million Floods Exchanges — Are Investors Preparing to Dump XRP?

    March 3, 2026

    Magic Eden to shut down Bitcoin and EVM marketplaces, pivot to Solana and iGaming

    March 2, 2026

    🔥 XRP & BITCOIN Daily Analysis XRP & BTC Price Prediction 2026 | Forecast & Key Levels 📈

    February 17, 2026

    Altcoinvest is a leading platform dedicated to providing the latest news and insights on the dynamic world of cryptocurrencies.

    We're social. Connect with us:

    Facebook X (Twitter)
    Top Insights

    Bitcoin Warning: This Is The ONLY Level You Need To Pay Attention To!

    July 14, 2026

    JPMorgan sees Hyperliquid partnership weighing on Circle, Coinbase

    July 14, 2026

    Chart Decoder Series: Donchian Channels: How Traders Spot Breakouts 

    July 14, 2026
    Get Informed

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.


    Facebook X (Twitter)
    • Home
    • About us
    • Contact Us
    • Privacy Policy
    • Terms & Conditions
    © 2026 altcoinvest.com

    Type above and press Enter to search. Press Esc to cancel.