Here’s a shocking truth: despite a decline in sandwich attacks on Ethereum, everyday users are still at risk of losing millions. But here’s where it gets controversial—while these attacks are less frequent, the lack of a unified protection mechanism means the problem is far from solved. Let’s dive into the details.
Exclusive data from EigenPhi reveals a significant drop in sandwich attacks on Ethereum, a type of maximal extractable value (MEV) exploitation. MEV refers to the profits block builders make by manipulating transaction orders, often at the expense of users. Sandwich attacks, the most notorious form, involve frontrunning and backrunning a user’s trade, leaving them with a worse price while the attacker pockets the difference. Ethereum’s high DEX activity and open block-building market make it a prime target for such exploits.
Cointelegraph Research analyzed over 95,000 sandwich attacks from November 2024 to October 2025, thanks to EigenPhi’s exclusive dataset. While the number of attacks has decreased, the threat remains. Traders lose approximately $60 million annually, though block builders capture most of this value through gas fees, leaving attackers with a meager 5% profit margin. Surprisingly, nearly 40% of attacks target low-volatility pools, traditionally considered safer, exposing traders to unexpected slippage. And this is the part most people miss—the decline in attacks might suggest more users are adopting MEV-protection tools, but the absence of a protocol-level solution leaves many vulnerable.
The debate over native MEV protection on Ethereum is heating up. Innovations like Shutter’s threshold encryption and Batched Threshold Encryption aim to address this, but their adoption remains uncertain. In 2025, sandwich extraction plummeted even as DEX volumes surged from $65 billion in Q1 to over $100 billion by Q3. Monthly losses from these attacks dropped from $10 million in late 2024 to $2.5 million by October 2025. However, the number of attacks remained high, ranging between 60,000 and 90,000 per month.
One entity, Jared (jaredfromsubway.eth), dominates the scene, responsible for roughly 70% of all attacks. Jared’s v2 bot employs a sophisticated strategy, targeting up to four victims simultaneously and manipulating swap rates by adding or removing liquidity. Interestingly, 38% of attacks target low-volatility pools, including stablecoins and liquid staking tokens, while 12% hit stable swaps, creating unexpected slippage risks. The memecoin MANYU paired with WETH has been a frequent target, with Jared extracting nearly $19,000 across 65 attacks since July.
As profitability shrinks, MEV bots now rely on quantity. In October 2025, only 100 out of 515 active bots executed trades monthly, with average profits per attack hovering just above $3. Only six attackers made over $10,000, highlighting the niche’s cutthroat nature. About one-third of bots operated at breakeven, while 30% incurred losses due to high competition, miscalculated slippage, and gas costs. Jared’s strategy, prioritizing volume, has proven most profitable, though even he suffered a 20% loss in April 2025, equating to $12,000.
Here’s a thought-provoking question: With Ethereum’s protocol-level MEV protection still in debate, should users rely on third-party tools or push for faster adoption of native solutions? Share your thoughts in the comments—this discussion is far from over.
