In yet another unfortunate incident plaguing the decentralized finance (DeFi) sector, Jimbos Protocol has fallen victim to a significant hack, further amplifying the growing number of such attacks within the crypto industry.
According to a cointelegraph report on May 28, Jimbos Protocol, which serves as the liquidity protocol for the Arbitrum system, experienced a breach, resulting in a loss of 4,000 Ether (ETH). At the time of the attack, the stolen funds were valued at approximately $7.5 million.
According to blockchain security firm PeckShield, the attacker exploited the absence of slippage control on liquidity conversions. The protocol’s liquidity was invested within a price range that did not require parity, creating a vulnerability that allowed attackers to execute reverse swap orders for their own benefit.
Despite its recent launch, which occurred less than 20 days prior to the attack, Jimbos Protocol aimed to tackle liquidity and the volatility of token prices through an innovative testing approach. However, it appears that the protocol’s mechanisms were not sufficiently developed, resulting in a logical vulnerability that ultimately favored the attackers. Consequently, the price of Jimbos Protocol’s native token, Jimbo (JIMBO), has plummeted by a staggering 40%.
According to PeckShield’s investigation, the attackers managed to withdraw 4,090 ETH from the Arbitrum network. Subsequently, they utilized the Stargate bridge and the Celer Network to transfer approximately 4,048 ETH from the Ethereum network.
This incident underscores the ongoing challenges faced by DeFi protocols in securing their platforms against malicious attacks. The crypto industry as a whole must continue to prioritize the development of robust security measures and thorough audits to mitigate such risks and protect user funds.