MEV Bot JaredFromSubway Loses $7.5 Million in Novel Approval Exploit

JaredFromSubway, one of Ethereum's most recognizable MEV bots, suffered a significant loss of $7.5 million due to an unusual exploit that targeted its approval mechanism.

The attacker deployed contracts that tricked JaredFromSubway's automated systems into granting token approvals, which were then used to siphon off the bot's WETH, USDC, and USDT holdings.

Blockaid, a blockchain security firm, detailed the incident in a security report, highlighting that this type of attack exploits the bot's automated MEV opportunity detection and approval mechanism.

The loss has significant implications for the MEV market, as it exposes a large target on every bot that runs automated strategies without deep simulation of the contracts it interacts with.