PANews, June 21: JaredFromSubway.eth, a MEV bot developer, posted that his MEV bot was hacked and approximately $15 million in assets were drained. He has publicly offered a $1 million reward, promising complete confidentiality and secure return of funds if the full amount is returned, emphasizing that this is a legitimate and time-sensitive bounty and urging the hacker to contact him privately. Security firm Blockaid stated that the attacker tricked the bot’s automated MEV execution system into granting token approvals to a contract under the attacker’s control by constructing fake token wrappers and liquidity pools. Subsequently, the attacker exploited the outstanding approvals to transfer assets such as WETH, USDC, and USDT held by the bot using transferFrom.
MEV Bot JaredFromSubway Hacked; $15 Million Stolen in Attack
PANewsShare
Summary
MEV bot developer JaredFromSubway.eth reported a $15 million theft after a hacker exploited fake token wrappers and liquidity pools to obtain approvals. The attacker used transferFrom to drain WETH, USDC, and USDT. A $1 million bounty is offered for full recovery. New token listings and token launch announcements continue to attract both attention and risk, as this incident demonstrates.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.