Maximal extractable value (MEV) denotes the economic value appropriated from users by block builders via manipulation of transaction ordering. The most detrimental form of MEV is sandwich attacks, where an attacker simultaneously frontruns and backruns a victim’s swaps. This results in the victim receiving a less favorable execution price while the attacker gains a spread. The majority of MEV activity is prevalent on Ethereum due to its high activity on DEXs and an open block-building market that exposes order flow to searchers.
In this article, Cointelegraph Research offers insights into sandwiching activity from November 2024 to October 2025, drawing on a data set of over 95,000 sandwich attacks provided by the data platform EigenPhi.
Our investigation reveals that while sandwich extraction has decreased, the risk to average users remains. Attacks result in approximately $60 million in annual losses for traders, with block builders capturing the bulk of this value through gas fees. Attackers achieve a meager profit margin of just 5%. Nearly 40% of all sandwich attacks target low-volatility pools, indicating that traders may endure significant slippage even on swaps traditionally seen as safe. However, this decrease in extraction could also suggest that a growing number of traders are employing MEV-protection tools.
Nonetheless, the problem is far from solved as there is no standardized mechanism to shield user swaps from sandwiching. An ongoing debate surrounds the implementation of native MEV protection at the Ethereum protocol level. In our recent writings, we explored technical advancements aimed at this goal, including Shutter’s threshold encryption and Batched Threshold Encryption.
State of sandwiching on Ethereum in 2025
Sandwich extraction sharply declined in 2025, even as monthly DEX volumes rose from approximately $65 billion in Q1 to over $100 billion by Q3. Monthly extraction from sandwich attacks fell from nearly $10 million in late 2024 to about $2.5 million by October 2025.
Net profits after gas costs from sandwich activity averaged around $260,000 per month in 2025. This figure was, however, inflated by a singular outlier in January 2025, when one sandwich attack yielded over $800,000 in profit.
Despite this decline, the number of attacks has remained high, fluctuating between 60,000 and 90,000 per month during this period. Approximately 70% of all sandwich attacks are linked to a single entity known as Jared (jaredfromsubway.eth), a prominent MEV searcher. Jared’s v2 bot has recently adopted a sophisticated strategy capable of targeting up to four victims simultaneously. The bot sometimes executes a central transaction between the front-run and back-run to further manipulate swap rates for subsequent victims. Jared can also influence pricing by adding or removing liquidity from the pool.
Which trading pairs do sandwich attackers target?
Data indicates that around 38% of attacks targeted low-volatility pools involving stablecoins, wrappers, and LSTs (liquid staking tokens) of Ether and Bitcoin. Notably, approximately 12% of all sandwiches affected stable swaps, creating slippage risks in areas where they are generally unexpected and especially detrimental. The most actively traded token outside stablecoins and wrapped assets has been the memecoin MANYU paired with WETH. Jared has persistently targeted this pool since July, extracting nearly $19,000 over 65 sandwich attacks.
As profitability compresses, quantity is now a key for MEV bots
Sandwich bots operate in a highly competitive niche, and fewer have remained active as profitability has decreased. In October 2025, a total of 515 distinct bots were functional on Ethereum. However, only slightly over 100 distinct sandwich bots conduct trades in a typical month.
The average profit per sandwich attack remains very low at just above $3. Only six attackers have accumulated more than $10,000 in total profit, illustrating how narrow the pathway to consistent returns has become in this field. Approximately one-third of all active sandwich bots in 2025 have operated around breakeven ( -$10 to $10 ), while nearly 30% have reported net losses. Bots frequently incur losses due to high competition for a limited number of opportunities, misestimated slippage, and gas costs, with margins too thin to absorb these mistakes.
The data suggests that Jared’s strategy has proven the most lucrative so far. It emphasizes quantity and capitalizes on the majority of available sandwich opportunities, including smaller ones that typically yield only a few cents. Throughout much of 2025, gas costs remained low in relation to per-attack revenue, enhancing the viability of this model. However, Jared still encounters losses at times. In April 2025, the profit margin was minus 20%, equating to a loss of approximately $12,000.
This article does not contain investment advice or recommendations. Every investment and trading action involves risk, and readers should conduct their own research when making decisions. This article is for informational purposes only and should not be viewed as, or taken as, legal, tax, investment, financial, or other advice. The views, thoughts, and opinions expressed here are solely those of the author and do not necessarily reflect or represent those of Cointelegraph. Cointelegraph does not endorse the content of this article or any product mentioned herein. Readers should perform their own research prior to making any decisions related to any product or company mentioned and bear full responsibility for their actions. While we endeavor to provide accurate and timely information, Cointelegraph does not guarantee the accuracy, completeness, or reliability of any information contained in this article. This article may include forward-looking statements that are subject to risks and uncertainties. Cointelegraph will not be liable for any loss or damage arising from reliance on this information.
