According to Wu Blockchain, security company Blockaid reported that the well-known Ethereum MEV bot JaredFromSubway was attacked, resulting in the theft of approximately $7.5 million in assets. The attacker constructed fake token wrappers and liquidity pools to trick the bot's automated MEV execution system into granting token approvals to contracts controlled by the attacker. Subsequently, the attacker exploited the unrevoked approvals to transfer assets like WETH, USDC, and USDT held by the bot using transferFrom. Blockaid stated that this incident was neither a traditional phishing attack nor caused by vulnerabilities in the victim's smart contract itself. Instead, the attacker exploited a flaw in the bot's mechanism for automatically identifying arbitrage opportunities and generating approvals. https://(wublock123.com)/news/jaredfromsubway-mev-bot-hacked-7-5m-crypto-theft-63169