The person who pulled off one of the most brazen exploits in Ethereum’s MEV ecosystem is not sitting still. The attacker who drained the infamous Jaredfromsubway.eth sandwich bot has now routed approximately 2,000 ETH through Tornado Cash, the privacy mixer that remains the go-to laundering tool for on-chain criminals.
On top of the mixing, the exploiter swapped 1,422 ETH for roughly 2.45 million DAI. That leaves a minimal ETH balance in the attacker’s wallets.
How the original exploit went down
The exploit, which security firm Blockaid characterized as a “counter-MEV honeypot” attack, was almost poetic in its construction. The attacker deployed fake token contracts and liquidity pools designed to trick the bot into granting token approvals. The exploiter built a trap that looked like a juicy sandwich opportunity, and the bot took the bait.
The scheme played out over several weeks before culminating in a drain that siphoned off more than $7.5 million in various assets. The stolen haul included 1,474.58 WETH, 2.87 million USDC, and 2 million USDT. All of it was converted into approximately 4,400 ETH.
