Original Author: Cathy, Vernacular Blockchain
On June 20, 2026, the treasury of Ethereum's most notorious sandwich bot jaredfromsubway.eth was drained.
$7.5 million, one transaction, one block. The automated hunter that made tens of millions of dollars annually by "sandwiching" others' trades had stepped into a trap in its own hunting ground.
This wasn't the first time. Three years ago, a hacker disguised as an ordinary validator used a 32 ETH entry ticket to pick $25.2 million from the pockets of five top sandwich bots.
The predator finally became the prey. But the part of the story truly worth telling isn't who won or lost, but how this "bot-eat-bot" arms race is shaking the foundation of Ethereum's transaction security.
01 Every Transaction You Make Is Being Stolen From
First, let's clarify what sandwich bots do.
On decentralized trading platforms like Uniswap, before your trade intent goes on-chain, it is first thrown into a public waiting area called the Mempool. Everyone can see what you plan to buy, how much, and the maximum slippage you're willing to accept.
Sandwich bots monitor this waiting area 24/7. When one spots your large buy order for a token, it front-runs you with a buy transaction to push the price up, then places a sell transaction right after yours, flipping the tokens at the higher price.
You get "sandwiched" in the middle, paying more money and receiving fewer tokens.
A single instance might only lose you a few dollars; you might not even notice. But that's exactly what makes it insidious.
Tens of thousands of transactions are sandwiched daily, accumulating into a massive "invisible tax."
It's not just ordinary traders being fleeced; liquidity providers are in an even worse position.
AMM price adjustments are always slower than centralized exchanges like Binance, allowing external arbitrageurs to repeatedly drain assets from the pool using lagging low prices. Academically, this is called "Loss-Versus-Rebalancing" (LVR). Some research indicates that the value leakage it causes for LPs even exceeds the total of all sandwich attacks by an order of magnitude.
To put it bluntly, from searchers to builders to validators, the entire MEV supply chain is bleeding ordinary users dry every day.
Jared was the top player in this business, once occupying nearly 70% of sandwich attack traffic on the Ethereum mainnet.
02 66 Traps and One Liquidation
The counter-kill in 2026 was as intricate as a crime film.
The hacker spent weeks deploying 66 fake token contracts, each paired with a bogus liquidity pool. These pools were designed with precise mathematics to present extremely high-profit arbitrage signals on-chain, specifically to lure Jared's scanning algorithms.
Jared took the bait. Its program automatically initiated sandwich attacks on these fake tokens, and during the interaction, the routing contract granted token transfer approval (calling approve) to the attacker's contract.
The key was the next step. To save on gas fees, Jared's developers did not write logic to revoke the authorization after the trade was completed. In the world of smart contracts, an approval never expires on its own: once given, it remains valid until the owner overwrites it by calling approve again (typically setting it to zero). This is the so-called "dangling approval."
Once all 66 traps were set, the hacker initiated a transaction within the same block, calling transferFrom to directly drain all 1,474.58 WETH, 2.87 million USDC, and 2.09 million USDT from Jared's treasury. They were then quickly swapped on-chain for thousands of ETH and funneled into Tornado Cash.
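To make the mechanism concrete, here is an added example (not code from the article or from any real bot) that models ERC-20 allowance semantics in Python and contrasts the gas-saving "approve once, never reset" pattern with a scoped approval. The token, router and pool names are made up; the pool stands in for an attacker-controlled contract that was approved during a trade.

```python
# Added example: minimal model of ERC-20 approve/transferFrom, showing why an
# approval left in place after a swap remains spendable in any later block.
# Names ("router", "pool") are placeholders, not real contract addresses.

MAX_UINT256 = 2**256 - 1


class Token:
    """Toy ERC-20 with only the pieces relevant to allowances."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowance = {}  # (owner, spender) -> amount

    def approve(self, owner, spender, amount):
        # approve overwrites the previous value; nothing ever expires by itself
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        allowed = self.allowance.get((owner, spender), 0)
        if allowed < amount or self.balances.get(owner, 0) < amount:
            raise PermissionError("insufficient allowance or balance")
        if allowed != MAX_UINT256:  # unlimited approvals are never decremented
            self.allowance[(owner, spender)] = allowed - amount
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount


def swap_leaving_approval(token, router, pool, amount):
    """Vulnerable pattern: unlimited approve, no reset after the swap."""
    token.approve(router, pool, MAX_UINT256)
    token.transfer_from(pool, router, pool, amount)  # the swap pulls funds
    # missing: token.approve(router, pool, 0)  -> dangling approval


def swap_with_scoped_approval(token, router, pool, amount):
    """Hardened pattern: approve exactly what this swap needs, then reset."""
    token.approve(router, pool, amount)
    token.transfer_from(pool, router, pool, amount)
    token.approve(router, pool, 0)


def exposure(token, owner, spender):
    """How much a spender could still pull from owner in a later block."""
    return min(token.allowance.get((owner, spender), 0),
               token.balances.get(owner, 0))
```

Running both patterns on the same starting balance shows the difference: after the vulnerable swap the pool can still pull the router's entire remaining balance; after the scoped swap its exposure is zero.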
Then, vanished.
The attack in April 2023 was more violent, directly targeting the trust foundation of Ethereum's PBS architecture.
The hacker staked 32 ETH to become a validator, then initiated a massive-slippage trade in a Uniswap V2 pool with almost no liquidity (it held only 0.005 WETH and 4.5 STG), deliberately creating an enticing sandwich attack opportunity.
The bots took the bait. To swallow this arbitrage, they threw in 2,454 WETH (about $4.4 million) just to exchange for a measly 4.5 STG, hoping to flip it back for a meager profit of less than 0.35 ETH. The transaction amount-to-profit ratio was as high as 7000:1.
The fatal blow came next. When it was this malicious validator's turn to package a block, it sent a deliberately malformed invalid block header to the Flashbots relay. The relay code had a fatal error-handling vulnerability: as long as the signature verification passed, even if the block header was invalid, it would prematurely return the sandwich bots' plaintext transaction content to the validator.
After obtaining the plaintext, the validator discarded the invalid block and reassembled a new one: it placed the bots' 2,454 WETH buy order at the very front, then immediately inserted its own attack contract, using 158 STG to drain all the WETH from the pool.
It wasn't just WETH. The hacker manipulated multiple token pools including AAVE, SHIB, CRV, UNI, and MKR using the same technique, looting over $25 million in total. This included 7,461 WETH and 5.3 million USDC.
A 32 ETH ticket yielded a return nearly eight hundred times over.
03 Every Wallet Has the Same Vulnerability
These two incidents appear to be a civil war within the bot world, but the exposed problems directly concern every ordinary user.
The dangling approval exploited in the Jared hack likely exists in your wallet too. Many people habitually click "Grant unlimited transfer allowance" when using Uniswap or claiming airdrops. If the related contract is ever compromised, hackers can use the same transferFrom technique to empty your stablecoins.
The deeper threat is that MEV is making Ethereum unsafe.
When the arbitrage profit within a block far exceeds the block reward, validators have an incentive to cheat: ignoring the new block just produced by someone else, they can re-fork a chain from a historical block height and keep the high-profit transactions for themselves. If such "time-bandit attacks" become frequent, Ethereum's transaction finality will collapse.
The high-frequency front-running and priority gas auctions (PGA) of MEV bots also instantly consume massive block space, driving up network-wide gas fees. Even if you are just making a simple transfer, you have to pay for the battles between bots.
Block building is also rapidly centralizing. Capturing high-value MEV relies heavily on extremely high-precision algorithms and large-scale infrastructure, with a few professional builders controlling the vast majority of block packaging share. Once they cooperate with censorship, Ethereum's censorship resistance becomes a paper promise.
The Ethereum community's countermeasures have taken two paths. Protocol-level PBS (ePBS) aims to write the relay's functions into the consensus layer, eliminating third-party vulnerabilities at the protocol level. Encrypted mempools (like Shutter Network) use time-lock encryption technology to keep transactions in a ciphertext state until ordering is complete, cutting off the data input for sandwich attacks at the source.
But these solutions are still some distance from full implementation. For now, the most practical self-rescue involves two things.
First, switch your wallet's RPC to Flashbots Protect or MEV Blocker. Transactions no longer pass through the public mempool, not only avoiding being sandwiched but also allowing you to reclaim some arbitrage profits through Order Flow Auctions (OFA), with an average delay of just one or two extra blocks.
Second, regularly check and revoke unnecessary token approvals in your wallet. Many people casually approved unlimited allowances on some DEX half a year ago and have long forgotten, but that approval still hangs on the chain. Use tools like Revoke.cash to scan through them; it's a matter of minutes.
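For readers who would rather see what such a scan does under the hood, here is an added example (not from the article, and not Revoke.cash's code) that replays ERC-20 Approval event logs for one wallet and reports which allowances are still open. The log entries and addresses below are constructed placeholders; in practice the logs would come from an eth_getLogs query filtered on the Approval topic and the owner address.

```python
# Added example: audit ERC-20 Approval events for open (especially unlimited)
# allowances. Sample logs are constructed; addresses are placeholders.

# keccak256("Approval(address,address,uint256)")
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1

OWNER = "0x" + "11" * 20    # the wallet being audited (placeholder)
ROUTER = "0x" + "22" * 20   # some DEX router (placeholder)
AIRDROP = "0x" + "33" * 20  # an airdrop claim contract (placeholder)
USDC = "0x" + "aa" * 20     # a stablecoin token contract (placeholder)


def pad_topic(addr):
    """Indexed address topics are left-padded to 32 bytes."""
    return "0x" + addr[2:].rjust(64, "0")


def topic_to_address(topic):
    return "0x" + topic[-40:]


# Constructed sample: unlimited approval to ROUTER, a bounded approval to
# AIRDROP that was later revoked (set to 0).
SAMPLE_LOGS = [
    {"address": USDC, "blockNumber": 100, "logIndex": 3,
     "topics": [APPROVAL_TOPIC, pad_topic(OWNER), pad_topic(ROUTER)],
     "data": "0x" + "f" * 64},
    {"address": USDC, "blockNumber": 101, "logIndex": 0,
     "topics": [APPROVAL_TOPIC, pad_topic(OWNER), pad_topic(AIRDROP)],
     "data": "0x" + hex(500 * 10**6)[2:].rjust(64, "0")},
    {"address": USDC, "blockNumber": 205, "logIndex": 7,
     "topics": [APPROVAL_TOPIC, pad_topic(OWNER), pad_topic(AIRDROP)],
     "data": "0x" + "0" * 64},
]


def audit_approvals(logs, owner):
    """Replay Approval events in chain order; last value per (token, spender) wins.
    Caveat: some tokens do not emit Approval when a spend decrements an allowance,
    so confirm anything flagged here with an on-chain allowance() call."""
    current = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        if log["topics"][0] != APPROVAL_TOPIC:
            continue
        if topic_to_address(log["topics"][1]).lower() != owner.lower():
            continue
        spender = topic_to_address(log["topics"][2])
        current[(log["address"], spender)] = int(log["data"], 16)
    return [{"token": t, "spender": s, "allowance": v, "unlimited": v == MAX_UINT256}
            for (t, s), v in current.items() if v > 0]
```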
Jared's $7.5 million tuition fee is worth at least this one lesson.
In the dark forest, hunters can also be hunted. But the first to bleed are always those without defenses.