Jaredfromsubway.eth, which operates one of Ethereum's largest sandwich-extraction bots, lost $7.5 million in WETH, USDC, and USDT after an attacker gained approval to move tokens from its accounts, according to security firm Blockaid.
The exploit hinged on a distinction that matters in Ethereum's architecture. Instead of stealing private keys, the attacker tricked the bot operator into signing approvals for fake trading routes. Those approvals granted contracts permission to transfer tokens on behalf of the account—a standard mechanism in DeFi but one that can become a liability if the approved contract is malicious or the approval target is forged.
Sandwich bots work by watching pending transactions in the mempool, inserting their own transactions ahead of a user's trade (frontrunning it), then executing another transaction after the user's order clears (backrunning it). The profit comes from price slippage the original user suffers. Jaredfromsubway.eth's scale in this activity made it a high-value target, though Blockaid did not publish transaction hashes, specific approval amounts, or timeline details.
The gap between protecting keys and controlling approvals is instructive. Approval-based attacks sidestep the complexity of key compromise. An operator can run sophisticated contract logic, monitor mempool activity in real time, and manage substantial liquidity without ever exposing a private key, yet still lose control of assets if they approve the wrong contract. It's a failure mode that key management alone doesn't catch.
Blockaid did not disclose how the attacker crafted the fake routes or what specific mechanism lured the approval signature. The firm also did not explain whether the bot operator had visibility into what they were approving, or whether the attack exploited a lapse in signature review. Those details would clarify whether this was a social engineering failure, a contract interface exploit, or a shortcut in operational hygiene.
The incident also underscores a structural asymmetry in Ethereum's token transfer model. Any contract with an active approval can drain an account's balance in a single transaction, constrained only by the amount in the approval itself. A user or operator who signs approvals at scale—common for MEV bots juggling multiple pairs and routes—multiplies the surface area. Revoking approvals after detection doesn't recover the drained funds.
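For operators who want to see that surface area, the sketch below replays ERC-20 `Approval` event logs to list an account's live allowances and flags any granted to spenders outside an allowlist. It is an added example, not code from Blockaid or the bot operator; the addresses, balances, allowlist, and log records are constructed placeholders, and the "unlimited" threshold is an assumption.

```python
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**255  # assumption: treat anything this large as an unlimited approval

def addr(topic):
    return "0x" + topic[-40:].lower()  # indexed addresses are left-padded to 32 bytes

def live_allowances(logs, owner):
    """Return {(token, spender): amount} using the latest Approval per pair."""
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # not an ERC-20 Approval(owner, spender, value)
        if addr(topics[1]) != owner.lower():
            continue
        key = (log["address"].lower(), addr(topics[2]))
        amount = int(log["data"], 16)
        if amount == 0:
            state.pop(key, None)  # approve(spender, 0) revokes the allowance
        else:
            state[key] = amount
    return state

def review(allowances, balances, trusted_spenders):
    """Flag allowances to spenders outside the allowlist, with the funds exposed."""
    findings = []
    for (token, spender), amount in sorted(allowances.items()):
        if spender not in trusted_spenders:
            findings.append({"token": token, "spender": spender,
                             "unlimited": amount >= UNLIMITED,
                             "at_risk": min(amount, balances.get(token, 0))})
    return findings

# Constructed sample data: placeholder addresses, not taken from the incident.
OWNER, TOKEN_A, TOKEN_B = "0x" + "a1" * 20, "0x" + "c1" * 20, "0x" + "c2" * 20
ROUTER, UNKNOWN = "0x" + "d1" * 20, "0x" + "e1" * 20

def mk(token, spender, value, block, idx=0):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(OWNER), pad(spender)],
            "data": hex(value), "blockNumber": block, "logIndex": idx}

SAMPLE_LOGS = [
    mk(TOKEN_A, ROUTER, 2**256 - 1, 100),   # allowlisted router, unlimited
    mk(TOKEN_A, UNKNOWN, 2**256 - 1, 101),  # unknown spender, unlimited
    mk(TOKEN_B, UNKNOWN, 500, 102),         # unknown spender, bounded
    mk(TOKEN_B, UNKNOWN, 0, 103),           # later revoked
]
```

Many tokens reduce an allowance on `transferFrom` without emitting a new `Approval` event, so the replayed figure is an upper bound; confirm each flagged pair with the token's `allowance(owner, spender)` call before acting on it.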