The Jimbos protocol is the most recent decentralized finance (DeFi) system to have been hacked, which caused a significant loss of money in the crypto market.
Table of Contents
According to blockchain security firm PeckShield, the Arbitrum system’s liquidity mechanism, the Jimbos protocol, was compromised on May 28 in the early morning. The breach resulted in a loss of 4,000 Ether, which was worth around $7.5 million at the time.
In this instance, the attacker profited from loose regulation of the conversion of liquid assets. The protocol offers a security flaw via which bad actors might influence swap orders since its liquidity is staked in a price range where the prices don’t have to be equal.
Jimbos Protocol, which was just made public almost two weeks ago, promised a novel approach to testing that would address the issues of liquidity and fluctuating token values.
Unfortunately, the mechanism of the protocol was immature, making it susceptible to logical assaults. As a result, the value of Jimbo (JIMBO), the underlying token, has decreased by 40%.
The issue happened as a result of a liquidity-shifting procedure’s slippage control being insufficient.
The term “slippage” describes the discrepancy between the anticipated price of a transaction and the price at which it is executed. This variance may occur if market orders are used when there is a lot of volatility, which would cause big fluctuations in prices.
The hackers stole 4,090 ETH from the Arbitrum network, according to PeckShield. As a consequence, they transferred 4,048 ETH from the Ethereum network via the Celer Network and the Stargate bridge. It is not unusual for DeFi protocols to be attacked.
Although there have been fewer assaults than in previous years, the community is somehow exposed to a variety of weaknesses.
Despite efforts to strengthen security protocols, the DeFi ecosystem always struggles to guard against potential flaws and unauthorized access. A good example is the current attack by flash loans on the 0VIX protocol, which cost almost $2 million in damages.
Investors could also see the attack as a Jimbos Protocol-specific issue rather than an indication of larger market instability. Instead of an external hack aimed at attacking Ethereum’s basic infrastructure, this event stands out as an effort to exploit a weakness in a particular decentralized application (dapp).
Jimbos works with researchers and analysts
Later, Jimbos tweeted that it was seeking assistance from various on-chain researchers and security specialists who had worked to fix the Euler Finance and Sentiment attacks.
One of the on-chain specialists that helped Euler retrieve $200 million, Cryptogle, acknowledged the protocol modification and noted that the “kitchen is about to get hot for the hacker.”
In March, a flash loan flaw allowed for the hacking of Euler Finance. To shield himself from legal consequences once on-chain investigators discovered his true identity, the attacker did, however, restore nearly all of the funds that had been stolen in April.
Jimbos has gotten in touch with some of the most well-known on-chain analyzers, like Zachxbt, in the hopes of getting a similar result.
If its present efforts fail, the protocol promises to start collaborating with law enforcement organizations on May 29.