Arbitrum-based Jimbos Protocol hacked, losing $7.5M in Ether

Adding to the growing number of decentralized finance (DeFi) protocol hacks in the crypto industry, Jimbos Protocol is the latest to suffer an attack resulting in a significant loss of funds.

According to blockchain security firm PeckShield, Jimbos Protocol — the liquidity protocol of the Arbitrum system — was hacked on the morning of May 28. The attack resulted in the loss of 4,000 Ether (ETH), worth approximately $7.5 million at the time.

Specifically, the attacker took advantage of the lack of slippage control on liquidity conversions. The protocol’s liquidity is invested in a price range that doesn’t need to be equal, creating a loophole where attackers can reverse swap orders for their own gain.

Despite being launched less than 20 days ago, the Jimbos Protocol aimed to address liquidity and volatile token prices through a new testing approach. However, it appears that the protocol's mechanism was not adequately developed, leading to a logical vulnerability that created favorable conditions for attackers. As a consequence, the price of the underlying token, JIMBO, has plummeted by 40% and shows little sign of recovery.

#PeckShieldAlert $JIMBO has dropped -40%

— PeckShieldAlert (@PeckShieldAlert) May 28, 2023

According to PeckShield's findings, the attackers managed to extract a significant amount of 4,090 ETH from the Arbitrum network. Subsequently, they utilized the bridge called Stargate and the Celer Network to transfer and collect a substantial sum of approximately 4,048 ETH from the Ethereum network.

Here comes the flow of stolen funds. @jimbosprotocol

— PeckShieldAlert (@PeckShieldAlert) May 28, 2023

The occurrence of hacking incidents targeting decentralized finance (DeFi) protocols is not a novel phenomenon within the cryptocurrency market. While there have been reports indicating a significant decline in the number of such attacks when compared to previous years, the community has still been exposed to numerous instances of exploitation in recent times.

Related:The Sandbox CEO’s Twitter was hacked, used to promote alleged ‘airdrop’ scam

Despite efforts to enhance security measures, the DeFi ecosystem continues to grapple with the persistent challenge of safeguarding against potential vulnerabilities and unauthorized access. An example lies in the flash loan attack the 0VIX protocol fell victim to, resulting in a substantial loss of nearly $2 million.

Another noteworthy occurrence involved the hijacking of Tornado Cash, a prominent privacy-focused protocol. Unknown attackers successfully compromised the system and extracted significant quantities of TORN tokens, leading to substantial financial losses.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Title: Arbitrum-based Jimbos Protocol hacked, losing $7.5M in Ether
Sourced From:
Published Date: Sun, 28 May 2023 09:08:06 +0100

Did you miss our previous article...