What is a sandwich bot in crypto?

A sandwich bot is an automated program that buys and sells a cryptocurrency immediately before and after a user's trade to profit from the price movement.

How did the bot lose $7.5 million?

An attacker used a fake trading route to trick the bot into giving permission to move its funds, which allowed the attacker to withdraw the money.

Is my Ethereum safe after this exploit?

Yes, your personal Ethereum is safe; the exploit only targeted the specific funds held by the automated bot's smart contract.

A clever exploit has drained $7.5 million from the famous Jaredfromsubway.eth bot. Learn how it happened and what it means for Ethereum security.

Famous Ethereum 'Sandwich' Bot Drained of $7.5 Million in Clever Attack

On June 21, 2026, the decentralized finance (DeFi) world witnessed a surprising turn of events as the most active 'sandwich' bot on Ethereum (a blockchain network used for smart contracts), known as Jaredfromsubway.eth, was exploited for $7.5 million. According to security firm Blockaid, an anonymous attacker tricked the bot into approving malicious trading routes. This permitted the drain of various assets including Wrapped Ethereum (WETH), USDC, and USDT stablecoins (cryptocurrencies pegged to the value of the US Dollar). The incident highlights a major vulnerability in how automated trading bots interact with unknown protocols.

How the Jaredfromsubway.eth Bot Was Tricked

To understand this event, one must first understand 'sandwich' bots. These are automated programs that perform MEV (Maximal Extractable Value, the profit miners or validators can make by reordering transactions). They 'sandwich' a regular user's trade by buying just before them and selling just after them to profit from the price change. Jaredfromsubway.eth has been a dominant force on Ethereum for years, often consuming massive amounts of gas (the fee paid to process transactions on the network).

The attacker utilized a sophisticated trick involving fake trading routes. Essentially, the exploiter created a situation where the bot believed it was executing a standard profitable trade. However, the smart contract (self-executing code on the blockchain) used in the trade contained a hidden command. This command allowed the attacker to gain approval to move funds out of the bot's wallet. Once the bot 'signed' the approval, the attacker swiftly drained the $7.5 million in liquidity.

What This Means for USA Investors

For the average USA crypto investor, this event serves as a critical lesson in platform risk. Even the most sophisticated players in the Ethereum ecosystem are not immune to code-based vulnerabilities. While sandwich bots are often disliked by retail traders because they can worsen the prices people pay for tokens, their sudden removal or loss of funds can cause temporary shifts in market liquidity (the ease with which an asset can be converted to cash).

If you use decentralized exchanges like Uniswap, this exploit might actually result in slightly better pricing for your trades in the short term, as there is one less major bot competing to extract value from your transactions. However, it also underscores the importance of only interacting with verified protocols. If a bot as advanced as Jaredfromsubway can be tricked by a malicious contract, individual investors must be even more cautious when connecting their wallets to new or unverified DeFi applications.

Source: CoinDesk

Ethereum's Top Sandwich Bot Drained of $7.5M in New Exploit

Famous Ethereum 'Sandwich' Bot Drained of $7.5 Million in Clever Attack

How the Jaredfromsubway.eth Bot Was Tricked

What This Means for USA Investors

Frequently asked questions