JaredFromSubway Bot Hacked, Bounty Offered


On June 21, 2026, well-known MEV bot developer JaredFromSubway.eth (@jaredsmev) posted on social media that a bot he operates had been hacked and that the assets it held had been emptied or stolen. Almost simultaneously with announcing the attack, he put forward a widely echoed "reconciliation plan": according to a single public source, he was willing to pay a reward of about $1 million on the condition that the funds are returned in full. In the reward post he repeatedly emphasized that he can provide a completely confidential and process-secure arrangement for returning the funds, and stressed that the reward is "compliant" under the law and that time is of the essence. The incident quickly spread through the market and community, and some discussions began to conflate it with security issues involving cross-chain infrastructure that arose during the same period. Axelar Network immediately published a statement clarifying that its network and the IBC protocol had not been compromised in the relevant incident, and noting that the affected token smart contracts belong to a community fork based on CW20-ICS20 that contains an exploitable unlimited minting vulnerability. Currently, the narrative about this hack and reward relies almost entirely on JaredFromSubway.eth's public statements and Axelar's official statement. In the absence of more third-party on-chain evidence, the market is forced to seek answers amid blurred facts and amplified emotions, which also puts security boundaries and trust mechanisms in the MEV ecosystem at the core of the coming discussion.

The Emptied JaredFromSubway Bot

For JaredFromSubway.eth, the MEV bot running continuously on Ethereum and other public chains was originally a "24/7 automated arbitrage factory." It held assets of a certain scale through smart contracts and scripts in order to capture on-chain price discrepancies and transaction-ordering opportunities, with all decisions made by algorithms. Once the keys or the deployment environment controlling these contracts and scripts are breached, the security boundary around the held funds collapses almost instantly: assets are moved quickly along the paths originally prepared for the strategy, and operators find it difficult to intervene manually in real time.

On June 21, 2026, JaredFromSubway.eth publicly stated on social media that this bot had been hacked and that the assets it held had been "emptied" or "significantly stolen," but he neither disclosed the exact amount of the loss nor provided a more specific on-chain breakdown. According to public materials, the figures given in different reports are inconsistent and lack unified authoritative confirmation, so outside observers can only establish that "serious losses occurred" and cannot quantify the cost of this arbitrage factory being shut down. For Jared himself, this means that strategic infrastructure built up over a long time has vanished in an instant. For the strategy ecosystem built around this bot, or following it, the competitive landscape that relied on its existence has suddenly been erased, forcing all participants to reassess risks and opportunities in a new environment without this machine.

Axelar Clarifies Security Misunderstandings

As Jared's bot was forced to "go offline" and the specific scale of losses remained a mystery, wider panic began to spread to the infrastructure level. In discussions surrounding the same round of security incidents, some community voices pointed fingers at cross-chain infrastructure, believing that Axelar Network or the IBC protocol itself might carry systemic risk: if cross-chain messaging channels had a problem, a single-point accident could be magnified into a network-wide disaster. This prompted Axelar to respond to the rapidly escalating doubts.

Axelar subsequently released an official statement spelling out the most critical point: Axelar Network itself and the IBC protocol were not compromised or damaged in the recent relevant security incidents. Instead, what was exploited was a set of token smart contracts that were not developed, deployed, or maintained by the Axelar team; they are community fork versions based on CW20-ICS20 whose implementation contains an exploitable "unlimited minting" vulnerability. Axelar clearly attributed the risk to this third-party contract implementation rather than to a protocol-level defect in Axelar or IBC, essentially reminding the market that not every contract accident can simply be "blamed" on the underlying on-chain infrastructure.

$1 Million Reward: Negotiating with the Hacker

Shortly after the responsibility boundaries of his own bot and of the cross-chain infrastructure were clarified, JaredFromSubway.eth refocused on the most pressing issue: how to get the money back. Public information shows that he proposed a condition that appears simple yet is full of tension: he is willing to pay about $1 million as a reward on the premise of "full return" of the funds. It is important to emphasize that this number currently comes from a single public source and has not been cross-verified by multiple parties. To allay concerns, he promised to provide a "completely confidential and secure return process," and repeatedly emphasized in the statement that this reward arrangement is within the legal framework and extremely time-sensitive, hoping the attacker would contact him through private channels as soon as possible. So far, public materials have not disclosed whether the hacker has responded, nor is there any evidence of progress toward a partial or full return of the funds.

From a game-theory perspective, this reward resembles a chip placed in a "gray reconciliation mechanism" unique to the on-chain world. With a sufficiently eye-catching offer, Jared attempts to pull the hacker from outright hostility to the negotiating table. On one side is the attacker, holding the stolen assets yet constantly exposed to on-chain records. On the other side is the victim, who has almost no technical means to "enforce the recovery" of the assets and who, given the irreversibility of smart contracts, can only reconstruct the transaction through price signals and legal commitments. It is neither a traditional bug bounty nor a completely legitimate civil settlement; it is closer to a pragmatic compromise that both parties are forced to reach on an absolutely transparent and irreversible ledger. This kind of gray-area arrangement may reappear frequently in similar future events, becoming a real tool that on-chain participants have to face.

The Shattering of the MEV Bot Security Myth

This attack has torn a hole in a narrative that has long been taken for granted: that MEV bots can run continuously like a money-printing machine as long as their strategies are strong enough and their code fast enough. According to public information, even active developers like JaredFromSubway.eth can have their held assets emptied or significantly stolen in a very short time, indicating that what truly determines whether a strategy can "run long-term" is not the expected return curve in Excel but the most vulnerable security link behind it. MEV bots depend on multiple links such as private key signing, deployment servers, and strategy code; as soon as one of these links is compromised, on-chain assets can be signed away, broadcast, and written into an irreversible history under the guise of fully valid transactions.

Compared to traditional notions of "contract vulnerabilities," the risks of MEV bots resemble an overlay of operational and counterparty risks: centralized private key management, key processes hosted on a few servers, and a high dependency on third-party components turn what should be a distributed revenue model back into a highly centralized single point of failure. More challenging is the issue of trust. Once a leading MEV bot is compromised, all on-chain users and projects sharing the same matching environment or transaction pool must reassess their risk exposure. They may not directly lose funds, but they must confront a reality: when one of the counterparties in the matching environment is a machine that could "go out of control" at any time, any strategy design or protocol mechanism built on default security assumptions stands on a foundation that could collapse at any moment.

What Risk Signals to Monitor Moving Forward

Returning to the event itself, it is far from reaching a "closed case" stage. According to public materials, there is still no clear disclosure of the whereabouts of the stolen assets or of whether they have been partially or fully recovered. Whether the approximately $1 million reward announced by JaredFromSubway.eth has led to communication or return arrangements with the attacker has also not been confirmed by any new developments. At this stage, what we can rely on is primarily his personal statements on social media and the official statement released by Axelar; more third-party on-chain evidence and independent reviews are lacking, meaning that every new detail that emerges will directly affect the market's judgment of the nature and responsibility boundaries of this case.

On the technical level, Axelar has already provided a clear direction: the issue lies with a community fork contract based on CW20-ICS20, which has an exploitable unlimited minting vulnerability. What needs to be monitored next is whether Axelar and the relevant community contract parties will disclose more technical details, reveal the triggering path of the vulnerability, and promote the patching and upgrading of such fork contracts. These actions not only bear on whether this security incident can truly be "closed," but will also serve as a window for assessing the governance capability of cross-chain infrastructure. Meanwhile, whether other MEV bot operators choose to publicly strengthen their security practices and adjust their key infrastructure dependencies and hosting architectures is also worth continuous observation, because only when these high-frequency participants take concrete action to reshape security standards can the trust foundation of the matching environment possibly be rebuilt.
