MEV Bot Jaredfromsubway.eth Loses $7.5M in Approval Exploit

On June 20, an MEV bot operated by Jaredfromsubway.eth lost $7.5 million. The attacker created a fake token and a liquidity pool that looked like a profitable arbitrage opportunity. When the bot interacted, the attacker altered the trading logic to trigger a token approval. The bot's automated approval process gave the attacker's contract lasting permission to withdraw funds.

The proceeds included 1,583 Ethereum and 4.96 million in stablecoins (2.87 million USDC and 2.09 million USDT). The attacker consolidated the haul into 4,427 ETH, then sent it in 100 ETH batches to Tornado Cash, a privacy mixer. At least 1,000 ETH moved that way. Small deposits make on-chain tracing more difficult.

The exploit targeted token approvals, not a smart contract bug. The attacker found a way to abuse the permissions embedded in the bot's workflow. Many DeFi users and bots leave approvals open after trades. Revocation rates remain low despite hundreds of millions lost to similar attacks.

MEV bots have grown into multi-billion dollar execution engines across Ethereum and Solana. Layer 2 networks also host similar bots. Capital concentrates in these automated programs.

For traders and bot operators, the practical step is to review and revoke unused token approvals. Tools like Etherscan's token approval checker or dedicated revoke services can reduce exposure. Automation drives DeFi liquidity and price discovery.

The attacker moved at least 1,000 ETH to Tornado Cash after the exploit.