Sandwich Attack Bot Exploited for $7.5M: Ethereum Security Crisis

Jaredfromsubway.eth bot responsible for 70% of sandwich attacks was itself hacked for $7.5M, exposing critical Ethereum vulnerability and MEV risks for traders.

The Payney Desk
June 21, 2026 · 2 min read · Source: CoinTelegraph
The 30-second version
  1. A notorious Ethereum sandwich attack bot lost $7.5M in an exploit, according to CoinTelegraph.
  2. Jaredfromsubway.eth was responsible for roughly 70% of all sandwich attacks in the ecosystem.
  3. The incident exposes serious vulnerabilities in bot security and highlights growing MEV exploitation risks.
  4. Investors holding Ethereum exposure should monitor emerging attack vectors and validator-level security threats.

The Hacker Got Hacked: $7.5M Sandwich Bot Exploit Shakes Ethereum

A $7.5 million theft just exposed the raw irony at the heart of Ethereum's MEV crisis. According to CoinTelegraph, the notorious bot known as Jaredfromsubway.eth—responsible for roughly 70% of sandwich attacks plaguing the network—was itself exploited in a stunning reversal. The bot that made its fortune front-running transactions got front-run. And that should worry anyone holding Ethereum.

So what's a sandwich attack, exactly?

It's when a bot watches pending transactions in the memory pool, then places its own transaction before the victim's transaction (the first slice of bread) and another one after it (the second slice), essentially capturing the price slippage in between. Jaredfromsubway.eth became infamous for executing this strategy at industrial scale. CoinTelegraph's reporting pegged the bot's share of total sandwich attacks at 70%—a dominating position in an ecosystem already riddled with MEV (miner extractable value) exploitation.

Now someone did to the bot exactly what the bot had been doing to everyone else.

Here's where it gets interesting for portfolio holders. This isn't just a cautionary tale about karma in crypto. It's a window into how vulnerable even the most sophisticated trading bots remain to coordinated attacks. If a bot with enough capital and sophistication to execute 70% of the network's sandwich attacks can be breached for $7.5 million, what does that say about the security posture of smaller operations? More broadly: what does it say about Ethereum's fundamental architecture?

The incident maps onto a larger pattern. Famous cyber attacks in 2025 often exploited the gap between a system's apparent sophistication and its actual defensive depth. This Ethereum vulnerability follows the same playbook. A bot optimized for offense turned out to be thin on defense.

And this matters because sandwich attacks themselves have become a primary tax on everyday Ethereum users.

Every time someone swaps tokens on Uniswap or another DEX, there's a nonzero chance that a sandwich bot intercepts the transaction, executes ahead of it, and extracts value from the slippage. It's a friction cost baked into the ecosystem. The prevalence of Jaredfromsubway.eth—commanding 70% of such attacks—meant that a single entity was extracting a measurable percentage of all MEV available on Ethereum. When CoinTelegraph reported the $7.5M theft, it wasn't reporting on some edge-case security failure. It was reporting on the collapse of one of the most profitable parasitic operations in crypto.
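
To put a number on that friction cost, the sketch below (an added example, not from CoinTelegraph or the original article) models a Uniswap v2-style constant-product pool with constructed reserves and trade sizes. It shows how much less a trader receives when another trade is ordered ahead of theirs, and how a minimum-output bound (amountOutMin in Uniswap v2's router) makes the swap revert instead; class and function names are illustrative assumptions.

```python
# Added illustration: constant-product pool with constructed reserves and trade sizes.
FEE_NUM, FEE_DEN = 997, 1000   # 0.3% swap fee, as in Uniswap v2-style pools


class SlippageExceeded(Exception):
    """The swap would return less than the trader's stated minimum."""


class Pool:
    def __init__(self, reserve_in, reserve_out):
        self.reserve_in = reserve_in      # token being sold into the pool
        self.reserve_out = reserve_out    # token being bought from the pool

    def quote(self, amount_in):
        """Output for amount_in at current reserves (x * y = k, fee on input)."""
        x = amount_in * FEE_NUM
        return (x * self.reserve_out) // (self.reserve_in * FEE_DEN + x)

    def swap(self, amount_in, min_out=0):
        out = self.quote(amount_in)
        if out < min_out:                 # on-chain this is a revert
            raise SlippageExceeded(f"would receive {out}, minimum is {min_out}")
        self.reserve_in += amount_in
        self.reserve_out -= out
        return out


def victim_outcome(front_run_in, victim_in, tolerance_bps):
    """Compare the victim's quoted output with what lands after a front-run."""
    pool = Pool(1_000_000, 1_000_000)     # constructed reserves
    quoted = pool.quote(victim_in)        # what the wallet showed the user
    min_out = quoted * (10_000 - tolerance_bps) // 10_000
    pool.swap(front_run_in)               # trade ordered ahead of the victim
    try:
        received = pool.swap(victim_in, min_out)
    except SlippageExceeded:
        return {"quoted": quoted, "min_out": min_out, "received": None, "loss": 0}
    # The back-run comes after this point and cannot change `received`.
    return {"quoted": quoted, "min_out": min_out,
            "received": received, "loss": quoted - received}


if __name__ == "__main__":
    for bps in (1000, 50):                # 10% vs 0.5% slippage tolerance
        print(bps, victim_outcome(50_000, 10_000, bps))
```

With these constructed numbers the trader is quoted 9871 units, receives 8959 at a 10% tolerance, and the swap reverts at a 0.5% tolerance, leaving nothing to extract.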

For investors, the question isn't whether Ethereum will survive this. It will.

The real question is whether Ethereum's governance will finally treat MEV as the structural problem it is. Bitcoin vs. Ethereum comparisons often hinge on decentralization and security. Incidents like this one—where a single bot captures 70% of an entire attack class—suggest Ethereum's security story is more fragmented than advocates admit. The network's reliance on complex protocols like MEV-Burn or PBS (Proposer-Builder Separation) to address the problem means that Ethereum vulnerability fixes move slowly. Meanwhile, traders keep leaking value.

The stolen $7.5 million is a rounding error compared to the hundreds of millions extracted by sandwich bots annually. But it's a tell. It proves that even entrenched actors in this ecosystem operate on thinner margins and with less defensive depth than they appear. Holders of Ethereum should watch how the community responds to this incident—not whether the thief is caught, but whether it catalyzes real changes to MEV incentives.

Frequently asked
What is a sandwich attack and how does it work?
A sandwich attack occurs when a bot detects a pending transaction, places its own transaction before it to profit from price movement, then places another transaction after—'sandwiching' the victim's order. According to CoinTelegraph, Jaredfromsubway.eth executed this attack type at massive scale across Ethereum.
Why does Ethereum have security vulnerabilities like this?
Ethereum's mempool design makes pending transactions visible to all participants, enabling bots to front-run and sandwich legitimate trades. The network hasn't fully solved MEV (miner extractable value) extraction despite ongoing protocol upgrades and proposals like MEV-Burn or PBS.
Should I be worried about Ethereum's security if this bot was hacked?
This exploit doesn't break Ethereum's core security, but it does highlight vulnerabilities in bot operations and MEV dynamics. If a bot controlling 70% of sandwich attacks can lose $7.5M, it suggests even sophisticated actors face real defensive gaps—worth monitoring for any trader or long-term Ethereum holder.