The JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated its opportunity-detection logic by creating fake cryptocurrency trading opportunities.
The drain was detected on Saturday by blockchain security firm Blockaid, and today, JaredFromSubway confirmed that the attacker used fake pools and tokens to trick the bot into approving helper contracts.
According to Blockaid, the attacker deployed contracts designed to appear as profitable MEV opportunities to JaredFromSubway's automated execution system.
The bot automatically analyzed routes and trade opportunities that seemed financially rewarding. It then generated the transactions needed to execute them, granting ERC-20 token approvals to contracts controlled by the attacker.
It appears that the attacker planned the heist carefully, as early transactions served as harmless tests to help confirm the bot’s action routines. Later, the threat actor changed the route so that the allowance was not consumed or revoked after the bot granted approvals.
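The failure mode described above, an approval that is granted during a route and then neither consumed nor revoked, can be caught by dry-running the route and rejecting it if any allowance to a route contract is still non-zero afterwards. The following is an added illustration, not code from the bot, Blockaid or the article; the token model, the address labels and the helper functions are constructed for the example, and the check is one possible mitigation rather than something the article says was or was not in place.

```python
from dataclasses import dataclass, field

BOT = "bot"  # constructed label standing in for the bot's address

@dataclass
class Token:
    """Minimal ERC-20 allowance model (approve / transferFrom only)."""
    balances: dict = field(default_factory=dict)
    allowances: dict = field(default_factory=dict)  # (owner, spender) -> amount

    def approve(self, owner, spender, amount):
        self.allowances[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        allowed = self.allowances.get((owner, spender), 0)
        if allowed < amount or self.balances.get(owner, 0) < amount:
            raise ValueError("insufficient allowance or balance")
        self.allowances[(owner, spender)] = allowed - amount
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

def honest_helper(token, spender, amount):
    # Pulls exactly what was approved, then pays the bot back with a 1% gain.
    token.transfer_from(spender, BOT, spender, amount)
    token.balances[BOT] += amount + amount // 100

def dormant_helper(token, spender, amount):
    # The call succeeds, but the allowance is neither spent nor revoked.
    return None

def residual_allowances(token, owner):
    """Every spender that still holds a non-zero allowance from `owner`."""
    return {s: a for (o, s), a in token.allowances.items() if o == owner and a > 0}

def simulate_route(token, steps):
    """Dry-run a route on a copy of state; return (accepted, leftover allowances)."""
    sim = Token(dict(token.balances), dict(token.allowances))
    touched = set()
    for spender, helper, amount in steps:
        sim.approve(BOT, spender, amount)
        helper(sim, spender, amount)
        touched.add(spender)
    leftover = {s: a for s, a in residual_allowances(sim, BOT).items() if s in touched}
    return (not leftover, leftover)
```

A route that passes this check during the harmless test phase can still fail it later, so the check has to run on every route rather than once per counterparty contract.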










