Data 2026-06-22

JaredFromSubway's bot lost $7.5M to fake tokens. We had already flagged them.

The famous MEV bot was drained for ~$7.5M - not by a hack or phishing, but by being fed fake WETH/USDC/USDT it approved itself. We traced the on-chain trail, and found RektRadar had already scored the exact bait tokens 70/100 as impersonators, up to a day before the drain.

One of the most profitable MEV bots on Ethereum - the one trading as jaredfromsubway.eth - just lost around $7.5M. And the interesting part is how.

It wasn’t a contract exploit. No reentrancy, no bug in a DeFi protocol. It wasn’t phishing either - no human signed anything. The bot approved its own robbery, because its automation was tricked into thinking it was about to feast on a juicy MEV opportunity.

We traced the whole thing on-chain. And then we noticed something: our own scanner had already flagged the bait tokens as fakes - up to a full day before the money moved.

On-chain timeline of the jaredfromsubway MEV-bot approval drain. RektRadar flagged fWETH 70/100 on Jun 19 at 17:38, then fUSDC and fUSDT 70/100 on Jun 20 around 00:3x. The drain of about $7.5M happened on Jun 20 at 18:49, roughly 25 hours after the first flag.

How the trap works

ERC-20 has a two-step spend model. To let a contract move your tokens you first call approve(spender, amount), which creates an allowance. The spender can then call transferFrom(you, dest, amount) up to that allowance - and the allowance persists until it is used up or revoked. To save gas, bots and routers often approve type(uint256).max: an infinite, standing blank cheque.

That is the whole attack surface. The sequence:

  1. The attacker deploys fake wrapper tokens (fWETH, fUSDC, fUSDT) and fake pools engineered to look like a juicy arbitrage.
  2. To trade that “opportunity”, the bot’s own logic approves attacker-controlled helper contracts as spenders of its real WETH, USDC and USDT.
  3. On the early transactions the attacker consumes those approvals immediately - everything looks profitable, nothing trips an alarm.
  4. On later transactions the bot grants approvals that are never consumed or revoked - they sit there, dormant, as standing spend power.
  5. Once enough allowances are stacked, the attacker calls transferFrom and pulls the real assets straight out of the bot.
Four-step diagram of the attack. Step 1 BAIT: attacker deploys fake fWETH/fUSDC/fUSDT and fake pools that look profitable. Step 2 APPROVE: the bot chases the profit and approves attacker helper contracts over its real tokens. Step 3 DORMANT: later approvals are never consumed or revoked, leaving standing spend power. Step 4 DRAIN: transferFrom pulls WETH, USDC and USDT out of the bot, about 7.5 million dollars.

The bot did exactly what it was built to do. Its strength - aggressive, automated profit-chasing that approves whatever a trade needs - became the hole.

What the chain shows

We pulled the transfers with our own RPC nodes and Etherscan. The receiving wallet is 0x3e37f4A10d771Ba9dE44b6d301410b1BEdeA65d0.

A funded, purpose-built account. It was first funded on Jun 7 with ~19.9 ETH from a throwaway wallet (0xe8b7e6…478703, two transactions of lifetime). It is also an EIP-7702 delegated account: its code points to a smart-account implementation at 0x63c0…ae32b, so a single signed action can run a batched, contract-like routine - convenient when you need to harvest many approvals and fire the drain cleanly.

The drain. Moving directly from the bot contract (0x1f2f10…df387) to the attacker, on Jun 20 between 18:49 and 18:56 UTC, we count:

AssetPulled directly from the bot
USDT2,035,760
USDC2,870,573
WETH1,474.58

Routed through real infrastructure - the Uniswap V4 PoolManager and CoW Protocol’s settlement contract - to swap the fakes for the real reserves.

The bait. The attacker’s fake tokens are exactly what the reports described, plus a few extras:

fWETH  0x6bea01ec24cd029b1ed0898ab30c8f620c8e8c4e   "Wrapped Ether"
fUSDC  0xd370f4e528d83f9941ff2803685552660af7c238   "USD Coin"
fUSDT  0x86070300d54c335717f87dcb11c6515c9a27688e   "Tether USD"
fCAP   0xf2ae7acf310812fb33451610a97020ef961f0521

They even minted Unicode-homoglyph spoofs of “ETH” - E឵Τ឵H, ĖTḨ - tokens whose symbols look like ETH but are built from invisible and look-alike characters. Classic impersonation, dressed to fool a human eye and a naive string match alike.

The part we did not expect

Impersonation tokens are our bread and butter. We score every new ERC-20 that hits mainnet on 100+ on-chain signals. So we checked the bait against our own API - and the bot was interacting with tokens we had already scored as high-risk fakes, before the drain:

Bait tokenRektRadar verdictScored atvs. the drain
fWETH70/100 - impersonates_major_tokenJun 19, 17:38~25h earlier
fUSDC70/100 - impersonates_major_tokenJun 20, 00:38~18h earlier
fUSDT70/100 - impersonates_major_tokenJun 20, 00:48~18h earlier
RektRadar scan card for the fake fWETH token at 0x6bea01ec...8e8c4e, named Wrapped Ether. Score 70 out of 100, HIGH RISK. Flags: impersonates_major_token, name_mimics_known_token, deploys_scam_bytecode, mass_deployer, multi_flag_rug_setup, unverified_contract. Analyzed 2026-06-19 17:38 UTC, about 25 hours before the 7.5 million dollar drain.

The flags that fired are exactly the ones you’d want: name_mimics_known_token, impersonates_major_token, deploys_scam_bytecode, mass_deployer, multi_flag_rug_setup. A token literally named “Wrapped Ether” with symbol fWETH, unverified, from a mass deployer pushing known scam bytecode, is not a subtle case.

To be clear: a risk score doesn’t reach into a bot and stop it from signing. The bot’s flaw was its own approval logic. But the bait was not invisible - it was an off-the-shelf impersonation pattern that an independent scanner had already caught and labelled. The information needed to refuse the interaction existed, on-chain, in advance.

The takeaways

  • Revoke approvals, and never approve infinity. A standing type(uint256).max allowance to an unknown spender is a blank cheque that survives until someone cashes it. Approve exact amounts, or use scoped/expiring approvals (Permit2-style).
  • “Is this the real WETH?” is a question, not an assumption. Most of the loss rode on the bot treating fWETH/fUSDC/fUSDT as the assets they impersonate. Impersonation is one of the oldest scam-token patterns on Ethereum, and it is machine-checkable.
  • Automation needs the same guardrails as humans. A bot making millions still has to ask whether the token in front of it is a fake. That check is a single API call.

We run that check on every new token on Ethereum. You can run it on any contract at rektradar.io, or wire it into your own bot via the API.

All addresses and amounts above are verifiable on-chain. The ~$7.5M net figure is from public reporting; the per-asset amounts are the transfers we traced directly from the bot contract to the attacker.