BlockThreat - Week 25, 2026
$20M stolen across 13 incidents. Jared Got Sandwiched. DPRK is back at it.
Thirteen incidents last week, continuing the 2+ hacks a day pace that started back in April. Bridge exploits, infinite mints, rounding errors, front-end takeovers. The full threat spectrum in seven days. However, there was one incident that stands apart. Not just for how it was pulled off, but for who it went after.
Jared Got Sandwiched
The most interesting hack this week was the compromise of the infamous JaredFromSubway MEV bot. The attacker built what was effectively a counter-MEV honeypot complete with fake tokens, fake pools, and fake arbitrage routes designed to lure the automated system into interacting with the attacker's contracts. Once the bot granted token approvals, the attacker promptly used them to drain $7.5M in assets. Jared got an offer he could not refuse and promptly paid for it.
JaredFromSubway has been hated for years as a symbol of retail extraction, sandwiching users at scale and turning the mempool into a hostile cesspool. So it was no surprise that the ecosystem put its appetite for good old frontier justice on full display following the hack:

The bot operator’s attempt to negotiate with the attacker was just as strange.

Any serious legal case or LE referral would likely force the operator to reveal their identity, quickly painting a giant target on their back for angry traders to file civil claims for years of abuse. And even then success is far from guaranteed. The recent case against brothers Anton and James Peraire-Bueno, who cleverly drained $25M from a number of MEV bots in 2023, ended in a mistrial after jurors’ heads collectively exploded trying to reason about fraud law in the MEV bot market. For now, JaredFromSubway joins a very small club of crypto predators who learned that the mempool cuts both ways.
In other news, Taiko, an L2 chain for AI agents, made the very classic mistake of letting AI manage its GitHub repositories and publicly exposed an SGX enclave RSA private key responsible for chain state verification. This is exactly the kind of mistake that basic secret scanning is supposed to catch. Betterleaks, trufflehog, detect-secrets or even GitHub's Secret Scanning tool would have helped flag accidentally leaked creds and keys before attackers found them. Another completely preventable $1.7 million hack.
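To make the secret-scanning point concrete, here is a minimal PEM private-key check of the kind those tools run before a commit lands. It is an added example, not code from Taiko or from any of the tools named above; the function names and the sample file path are hypothetical, and the sample key is constructed filler built at runtime.

```python
import base64
import re

# PEM private-key armor: PKCS#1 "RSA PRIVATE KEY", PKCS#8 "PRIVATE KEY",
# SEC1 "EC PRIVATE KEY", "ENCRYPTED PRIVATE KEY", "OPENSSH PRIVATE KEY".
PEM_RE = re.compile(
    r"-----BEGIN ((?:RSA |EC |DSA |ENCRYPTED |OPENSSH )?PRIVATE KEY)-----"
    r"(.*?)-----END \1-----",
    re.DOTALL,
)


def looks_like_key_body(label, body):
    """Reject doc placeholders such as '...' by requiring a decodable body."""
    # Drop legacy PEM headers (Proc-Type, DEK-Info) and blank lines.
    lines = [l.strip() for l in body.splitlines() if l.strip() and ":" not in l]
    try:
        raw = base64.b64decode("".join(lines), validate=True)
    except ValueError:
        return False
    if label == "OPENSSH PRIVATE KEY":
        return raw.startswith(b"openssh-key-v1\x00")
    # PKCS#1, PKCS#8 and SEC1 keys are all DER SEQUENCEs (tag 0x30).
    return len(raw) >= 32 and raw[:1] == b"\x30"


def scan_text(path, text):
    """Return (path, line_number, label) for each plausible private key."""
    findings = []
    for m in PEM_RE.finditer(text):
        if looks_like_key_body(m.group(1), m.group(2)):
            line = text.count("\n", 0, m.start()) + 1
            findings.append((path, line, m.group(1)))
    return findings


def make_sample_pem(label="RSA PRIVATE KEY"):
    """Constructed sample: DER-shaped filler bytes, not a usable key."""
    raw = b"\x30\x82\x04\xa4" + bytes(range(64))
    b64 = base64.b64encode(raw).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


if __name__ == "__main__":
    leaked = "# sample config (constructed)\n" + make_sample_pem()
    doc = "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----\n"
    print(scan_text("sample/key.pem", leaked))  # flagged
    print(scan_text("README.md", doc))          # placeholder, not flagged
```

Wired into a pre-commit hook or CI job over changed files, a non-empty result should fail the run; the dedicated scanners add many more credential patterns and git-history coverage on top of this.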
This week, paid subscribers will get:
- Detailed writeups for a couple of contract draining and infinite minting vulns
- Updates on nation-state tradecraft such as DPRK IT worker tactics, macOS malware, supply chain attacks, and direct intrusion TTPs
- Latest tools and techniques for auditors and defenders
- News about ongoing phishing campaigns hitting DuckDuckGo and LinkedIn
Plus writeups and post-mortems on all 13 hacks from the past week.
If a BlockThreat subscription would meaningfully support your learning, research, protocol, or public goods work, you may be eligible for a free community-sponsored account.
Let’s dive into the news!
