Exclusive data from EigenPhi reveals that sandwich attacks on Ethereum have waned

Maximal extractable value (MEV) refers to the economic value diverted from users by block builders through the manipulation of transaction ordering. The most harmful type of MEV are sandwich attacks, where an attacker simultaneously frontruns and backruns a victim’s swaps. This gives the victim a suboptimal execution price while the attacker pockets a spread. Most MEV activity occurs on Ethereum because it has high activity on DEXs and features an open block-building market that exposes order flow to searchers.

In this article, Cointelegraph Research provides insights into sandwiching activity from November 2024 to October 2025, based on a data set of more than 95,000 sandwich attacks exclusively provided by the data platform EigenPhi

Our research indicates that, despite the slowdown in sandwich extraction, the risk to ordinary users persists. While attacks result in about $60 million in annual losses for traders, block builders capture most of this value through gas fees. Attackers end up with a profit margin of merely 5%. Almost 40% of all sandwiches hit low-volatility pools, which indicates that traders can experience severe slippage even on swaps that are typically considered safe. Nevertheless, the decline in extraction may also suggest that more traders are now using MEV-protection tools

However, the issue is far from resolved because there is no unified mechanism to protect user swaps from sandwiching. There is a growing debate about introducing native MEV protection at the Ethereum protocol level. In our recent articles, we examined technical innovations aimed at this, namely Shutter’s threshold encryption and Batched Threshold Encryption.

State of sandwiching on Ethereum in 2025

Sandwich extraction fell sharply in 2025, even as monthly DEX volumes rose from around $65 billion in Q1 to well over $100 billion by Q3. Monthly extraction from sandwich attacks dropped from nearly $10 million in late 2024 to about $2.5 million by October 2025
The net profits after gas costs from the sandwich activity averaged about $260,000 per month in 2025. This number, however, was inflated by a single outlier in January 2025, when one sandwich attack generated more than $800,000 in profit

Nevertheless, the number of attacks has remained high, consistently ranging between 60,000 and 90,000 per month throughout the period. Roughly 70% of all sandwich attacks are associated with a single entity known as Jared (jaredfromsubway.eth), one of the most well-known MEV searchers. Jared’s v2 bot recently started using a sophisticated strategy that is capable of targeting up to four victims at once. The bot sometimes places a center transaction between the front-run and back-run to push swap rates even further for the following victims. Jared can also manipulate price by adding or removing liquidity from the pool.

## Which trading pairs do sandwich attackers target?

Data shows that about 38% of attacks targeted low-volatility pools that include stablecoins, wrappers and LSTs (liquid staking tokens) of Ether and Bitcoin. Notably, around 12% of all sandwiches hit stable swaps, which creates slippage risk in places where it is mostly unexpected and especially damaging. The most actively traded token outside stablecoins and wrapped assets was the memecoin MANYU paired with WETH. Jared has continuously targeted this pool since July and extracted nearly $19,000 across 65 sandwich attacks

## As profitability compresses, quantity is now a key for MEV bots

Sandwich bots are a highly competitive niche, and fewer of them have remained active as profits have declined. In October 2025, a total of 515 distinct bots operated on Ethereum. However, only just over 100 distinct sandwich bots execute trades in a typical month

The average profit per sandwich attack remains extremely low at just above $3. Only six attackers generated more than $10,000 in total profit, which shows how narrow the path to consistent returns has become in this niche. About one-third of all active sandwich bots in 2025 operated around breakeven ( -$10 to $10 ), while roughly 30% recorded net losses. Bots can often incur losses due to high competition for a limited set of opportunities, miscalculated slippage and gas costs. Margins that are too thin to absorb these errors.

The data indicate that Jared’s strategy has been the most profitable so far. It prioritizes quantity and captures most of the available sandwich opportunities, including smaller ones, which often result in profits of only a few cents. Throughout most of 2025, gas costs stayed low relative to per-attack revenue, which made this model even more viable than it had been before. Yet Jared still incurs losses at times. In April 2025, its profit margin was minus 20%, which translated into a loss of about $12,000.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision. This article is for general information purposes and is not intended to be and should not be taken as, legal, tax, investment, financial, or other advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph. Cointelegraph does not endorse the content of this article nor any product mentioned herein. Readers should do their own research before taking any action related to any product or company mentioned and carry full responsibility for their decisions. While we strive to provide accurate and timely information, Cointelegraph does not guarantee the accuracy, completeness, or reliability of any information in this article. This article may contain forward-looking statements that are subject to risks and uncertainties. Cointelegraph will not be liable for any loss or damage arising from your reliance on this information.

• #Ethereum
• #Stablecoin
• #Liquidity
• #DEX
• #Cointelegraph Research Articles