Exclusive Data From EigenPhi Reveals that Sandwich Attacks on Ethereum Have Waned

Sandwich attacks have long been the most visible form of maximal extractable value (MEV) on Ethereum, exploiting the open block‑building market to front‑run and back‑run user swaps. EigenPhi’s dataset of over 95,000 attacks reveals a steep contraction in extraction during 2025, coinciding with a surge in DEX volume from $65 billion to over $100 billion. Analysts attribute the drop to wider adoption of MEV‑mitigation tools, such as private transaction relays and transaction‑ordering services, which raise the barrier for opportunistic bots. Lower gas prices early in the year also squeezed profit margins, forcing many searchers to abandon marginal opportunities.

One entity dominates the remaining activity: the bot operated by the address jaredfromsubway.eth, colloquially known as Jared. Its v2 version now targets up to four victims per sandwich, inserting a central transaction to amplify price impact and even shifting liquidity to improve spreads. This concentration means roughly 70 % of all sandwiches originate from a single source, magnifying systemic risk especially in low‑volatility pools that house stablecoins and liquid‑staking tokens. The bot’s average profit per attack has fallen to just over $3, turning the strategy into a high‑frequency, low‑margin game.

The persistence of sandwiching, even at reduced scale, underscores the urgency for native MEV defenses within the Ethereum protocol. Proposals such as threshold encryption and batched transaction ordering aim to hide order flow until blocks are sealed, potentially eliminating the arbitrage window that fuels sandwich attacks. Until such mechanisms are widely adopted, traders will continue to rely on third‑party protection services, which add complexity and cost. Market participants should monitor bot concentration metrics and the evolution of MEV‑mitigation infrastructure, as they will shape liquidity quality and user confidence in DeFi markets.