Ethereum Sandwich Attacker Suffers $7.5M Loss in Honeypot Exploit

A notorious Ethereum sandwich attacker has suffered a significant loss of $7.5 million in a honeypot exploit, according to Chainalysis.

The JaredfromSubway.eth bot had been operating on the network since 2023, detecting pending transactions and executing buy orders just before ordinary users to inflate prices, then immediately selling the assets afterward to capitalize on the difference in technical arbitrage operations.

An unknown actor deployed 66 fake token contracts that simulated real assets from the decentralized market. The bot granted token-spending approvals to the smart contracts involved, which lacked real value and were designed exclusively to accumulate permissions from the affected wallet.

The attacker gathered the necessary authorizations, then activated a tripwire contract that emptied the bot's holdings in a single coordinated transaction, stealing deposits in Ether and stablecoins. The stolen assets were converted to ETH and transferred to Tornado Cash, a decentralized mixing protocol used to break the tracking link on the blockchain.