The most famous "harvester" on the chain, today, got harvested itself. Jaredfromsubway.eth, the largest sandwich arbitrage bot on Ethereum.

Its business has been one thing for years: watching ordinary people's transactions in the mempool, buying before you, selling after you, using sorting advantages to skim a little from each of your trades. Retail traders caught in its trap are countless.
According to security firm Blockaid, this bot was drained of about $7.5 million this time. The method was that it was tricked into approving a batch of fake transaction paths, and the attacker then used these approvals to sweep WETH, USDC, USDT from its wallet.
First, let’s clarify so no one adds drama for me. I’m not pointing fingers at who did it. On-chain, what can be seen are the fund flows and stolen assets; the identity of the other side is unknown. Until there’s verifiable evidence, I only state "what happened," and do not accuse any address.
This has always been the rule of this account: questions are allowed, but don’t jump to conclusions. But one thing is factually ironic enough that I don’t need to say more. A machine that profits by "predicting what others will sign and acting before them" ultimately fell because it signed an unauthorized approval. It understands better than anyone how to exploit transaction order and approval mechanisms to get an advantage, but with the same mechanism, it turned around and cleared its own position.
I have no sympathy for this machine. It profits from information and speed disparities—money that’s inherently dirty. I also don’t plan to praise the one who drained it as some kind of "hero" fighting in the dark; the winner is still the dark side, just that this time, the victim is bigger.
On-chain, there’s no mercy. Whatever tactics you use against others, someday someone will use the same tactics against you. This isn’t karma; it’s just a game played on a transparent ledger where everyone can see your approvals. No one can stand on the handle of the knife forever.