An attacker accumulated up to 92.1614 WETH in approved allowances and then emptied WETH, USDC, and USDT from a private MEV bot, producing a $15 million loss for JaredFromSubway.
How the loss unfolded
Blockchain security firm Blockaid detected the drain on Saturday. JaredFromSubway later confirmed that the attacker had used fake pools and tokens to manipulate the bot’s opportunity-detection logic and trick it into approving helper contracts. The bot’s automated execution system analyzed routes and trade opportunities that appeared financially rewarding, generated the transactions needed to execute them, and — crucially — granted ERC‑20 token approvals to contracts controlled by the attacker.
According to the reporting, the attacker’s early transactions acted as harmless tests to confirm the bot’s action routines. At a later stage the threat actor altered the route so that the allowance granted by the bot was not consumed or revoked. The attacker accumulated valid spending permissions without immediately spending them, reaching approvals of up to 92.1614 WETH to an attacker-controlled helper contract, and then used those open approvals to withdraw WETH, USDC, and USDT from the JaredFromSubway MEV bot contract via the ERC‑20 transferFrom function.
Attacker technique: fake pools, fake tokens, and helper contracts
The exploit relied on deception of the bot’s detection logic rather than a low-level protocol bug. Blockaid says the attacker deployed contracts designed to appear as profitable MEV opportunities to JaredFromSubway’s automated system. Those contracts mimicked the signals a profitable route would show and induced the bot to grant ERC‑20 approvals to attacker-controlled helper contracts.
Because the attacker staged test transactions first and later changed the route so allowances were not consumed or revoked, the exploit accumulated multiple valid permissions before performing the withdrawals. The sequence exploited automated approval behavior: the bot’s transaction generation included granting allowances that the attacker could later use with transferFrom.
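The allowance behavior described above can be checked as a per-transaction invariant: once a transaction finishes, the bot should have no ERC‑20 allowance left open to any spender. The following added example is not code from Blockaid or JaredFromSubway. It replays decoded calls and reports every transaction that leaves an allowance neither consumed nor revoked. The addresses, amounts, and record format are constructed placeholders.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample: per-transaction calls decoded from traces of a monitored
# contract. Each call is (kind, token, spender, amount). Every approve is issued
# by the monitored contract; every transferFrom pulls from its balance.
# Addresses and amounts are placeholders, not values from the incident.
TXS = [
    ("tx1", [("approve", "WETH", "0xHELPER_A", Decimal("1")),
             ("transferFrom", "WETH", "0xHELPER_A", Decimal("1"))]),  # fully consumed
    ("tx2", [("approve", "WETH", "0xHELPER_B", Decimal("10"))]),      # never consumed
    ("tx3", [("approve", "WETH", "0xHELPER_C", Decimal("25")),
             ("transferFrom", "WETH", "0xHELPER_C", Decimal("5"))]),  # partly consumed
]


def audit_allowances(txs):
    """Replay calls and flag allowances still open when a transaction ends.

    Returns (findings, exposure):
      findings: (tx_id, token, spender, residual) for each transaction that
                leaves a nonzero allowance on a pair it touched
      exposure: {(token, spender): residual} still open after the last transaction
    Simplification: tokens that never decrement a max-uint allowance are not modeled.
    """
    allowance = defaultdict(Decimal)  # (token, spender) -> remaining allowance
    findings = []
    for tx_id, calls in txs:
        touched = set()
        for kind, token, spender, amount in calls:
            key = (token, spender)
            if kind == "approve":
                allowance[key] = amount  # approve overwrites; 0 revokes
            elif kind == "transferFrom":
                if amount > allowance[key]:
                    raise ValueError(f"{tx_id}: transferFrom exceeds allowance")
                allowance[key] -= amount
            else:
                raise ValueError(f"{tx_id}: unknown call kind {kind!r}")
            touched.add(key)
        for key in sorted(touched):
            if allowance[key] > 0:  # invariant broken: allowance left dangling
                findings.append((tx_id, *key, allowance[key]))
    exposure = {k: v for k, v in allowance.items() if v > 0}
    return findings, exposure


if __name__ == "__main__":
    for finding in audit_allowances(TXS)[0]:
        print("residual allowance:", finding)
```

Run before signing, the same check works as a simulation gate: a candidate transaction that would end with a nonzero residual allowance is rejected, or an explicit zero approval is appended to it.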
What JaredFromSubway has done so far
JaredFromSubway, a private MEV operation with no publicly available code and a reputation as one of Ethereum’s most aggressive and visible “sandwich”-bot operators, publicly responded with a bounty strategy. Initially the operation offered a $3 million bounty for the full return of the stolen funds, promising no further action would be taken if the funds were returned. After receiving no response, JaredFromSubway raised the offer to $7.5 million for the return of just 50% of the stolen amount, with $1 million earmarked for the community.
JaredFromSubway is also reported to be negotiating with “a white‑hat hacking group” over the stolen $15 million, but there is no confirmation of a deal at this time.
Context on MEV bots and sandwich attacks
Blockaid’s analysis was framed against how MEV bots operate. MEV (Maximal Extractable Value) bots are ultra‑fast automated trading systems that scan blockchains for profitable transaction‑ordering and timing opportunities. The source material describes sandwich attacks as a common tactic: a bot detects a pending user trade, places a buy immediately before it and a sell immediately after, profiting from the induced price movement. That practice is controversial because it tends to deliver worse prices for ordinary traders while producing profits for the bot operator.
In this case, the controversy is inverted: rather than profiting from other traders’ transactions, the bot itself was tricked into granting approvals that permitted a direct theft from its contract balance.
What this means for JaredFromSubway, Blockaid, and white‑hat groups
- JaredFromSubway: The operation has moved from offering a full‑return bounty to a negotiation-focused split offer and is engaging with third parties described as a white‑hat hacking group; whether funds will be recovered remains unresolved.
- Blockaid: The firm detected and flagged the drain; its forensic description attributes the exploit to deceptive on‑chain contracts and manipulated routes rather than a simple coding error in ERC‑20 token standards.
- White‑hat hacking groups: They are reportedly in talks with JaredFromSubway, but the source explicitly states there is no confirmed deal at present, leaving the outcome of those negotiations an open question.
The immediate facts are stark and specific: a private, non‑public MEV bot was induced to grant large token allowances to attacker‑controlled contracts and $15 million in assets were removed via transferFrom; Blockaid detected the activity; JaredFromSubway has offered escalating bounties and is negotiating with a white‑hat group but has not confirmed recovery. Whether the funds will be returned, and whether other private MEV operators can avoid similar manipulation, remain open questions.



