In addition to the existing number of protocol hacks in the crypto industry, Jimbos Protocol has not escaped attackers’ attention, having suffered an attack that resulted in the loss of a large amount of funds.
According to PeckShield, a blockchain security unit, Jimbos Protocol, the liquidity protocol of the Arbitrum system, was hacked on the morning of May 28. The attack resulted in the loss of 4,000 ETH, equivalent to approximately $7.5 million.
Specifically, the attacker took advantage of the lack of slide control of liquidity conversions. The protocol’s liquidity is invested in a price range that need not be equal, creating a loophole in which attackers can reverse trade orders to their own advantage.
Despite being launched less than 20 days ago, the Jimbos Protocol was intended to address liquidity and token price volatility through a new testing approach. However, it appears that the protocol mechanism was not developed properly, leading to a logical vulnerability that created favorable conditions for attackers. As a consequence, the price of the underlying token, JIMBO, has plunged 40% and shows little sign of recovery.
#PeckShieldAlert $JIMBO has dropped -40%https://t.co/fXZPG27zdM pic.twitter.com/zMPs75jUtK
— PeckShieldAlert (@PeckShieldAlert) May 28, 2023
According to PeckShield’s findings, the attackers managed to extract a significant amount of 4,090 ETH from the Arbitrum network. Subsequently, they used the bridge called Stargate and Celer Network to transfer and collect a substantial sum of approximately 4048 ETH from the Ethereum network.
Here comes the flow of stolen funds. @jimbosprotocolo pic.twitter.com/HkUtTFZILv
— PeckShieldAlert (@PeckShieldAlert) May 28, 2023
The occurrence of hacking incidents targeting decentralized finance (DeFi) protocols is not a new phenomenon within the cryptocurrency market. While there have been reports indicating a significant decrease in the number of such attacks compared to previous years, the community has still been exposed to numerous instances of exploitation in recent times.
Related:Sandbox CEO’s Twitter Hacked, Used to Promote an Alleged ‘Airdrop’ Scam
Despite efforts to improve security measures, the DeFi ecosystem continues to grapple with the persistent challenge of protecting against potential vulnerabilities and unauthorized access. An example is found in the flash lending attack that the 0VIX protocol fell victim to, which resulted in a substantial loss of nearly $2 million.
Another noteworthy event involved the hijacking of Tornado Cash, a prominent privacy-focused protocol. Unknown attackers successfully compromised the system and extracted significant amounts of TORN tokens, resulting in substantial financial losses.
Magazine: Should crypto projects ever negotiate with hackers? Probably
