Jimbos Protocol Falls Victim to Hack, Losing $7.5 Million in Ethereum
In the ever-growing landscape of decentralized finance (DeFi) protocol hacks within the cryptocurrency industry, the latest incident involves Jimbos Protocol. According to blockchain security firm PeckShield, the liquidity protocol of the Arbitrum system, Jimbos Protocol, was hacked on May 28, leading to a loss of 4,000 Ether, valued at approximately $7.5 million at the time.
The attack targeted a vulnerability related to the absence of slippage control on liquidity conversions. Exploiting this loophole, the attacker was able to reverse swap orders and benefit from the protocol’s uneven price ranges where liquidity is invested.
Despite being launched less than 20 days ago, Jimbos Protocol aimed to tackle liquidity issues and volatile token prices through an innovative testing approach. However, due to insufficient development of the protocol’s mechanisms, it exposed a logical vulnerability, creating favorable conditions for attackers. Consequently, the price of the underlying token, Jimbo (JIMBO), plummeted by 40%.
According to PeckShield’s investigation, the attackers managed to extract 4,090 ETH from the Arbitrum network and subsequently transferred approximately 4,048 ETH from the Ethereum network using the Stargate bridge and the Celer Network.
Although incidents of hacking in DeFi protocols are not uncommon, reports indicate a decrease in the number of attacks compared to previous years. Nonetheless, the community remains exposed to various exploits.
Despite ongoing efforts to enhance security measures, the DeFi ecosystem continues to grapple with the persistent challenge of safeguarding against potential vulnerabilities and unauthorized access. Recent examples include the flash loan attack on the 0VIX protocol, resulting in a significant loss of nearly $2 million, and the hijacking of Tornado Cash, a prominent privacy-focused protocol, where unknown attackers successfully compromised the system and extracted substantial quantities of Tornado Cash (TORN) tokens, leading to significant financial losses.
Token’s Price Plummets by 40%
The Jimbos Protocol, which operates on the Arbitrum platform, was initially launched on May 16. However, shortly after its release, a smart contract bug emerged, rendering version 1 inoperable. Users were advised not to engage with version 1 and to await the arrival of version 2.
Following the hack of version 2, the token’s price has experienced a significant drop of 25%, falling from $0.25 to $0.15.
The primary objective of the DeFi protocol was to address liquidity challenges and mitigate the impact of volatile token prices through a novel testing approach. Unfortunately, it appears that the protocol’s mechanism was inadequate, thereby creating favorable conditions for malicious actors.
5 Comments