TechFlow News: On June 21, on-chain analyst Blockaid (@blockaid_) reported that JaredFromSubway (@jaredsmev), a well-known Ethereum MEV bot, was attacked, resulting in losses of approximately $7.5 million. The attacker constructed a fake MEV arbitrage path to trick the bot into automatically approving token allowances. Leveraging these open, unrevoked allowances, the attacker transferred WETH, USDC, and USDT from the bot’s contract to their own wallet address. Blockaid noted that this attack was not a conventional phishing attempt or smart contract vulnerability, but rather a targeted exploitation of the bot’s automated execution mechanism.
Add to Favorites
Share to Social Media
