Adding to the growing number of decentralized finance (DeFi) protocol hacks in the crypto industry, the Jimbos Protocol is the latest protocol to suffer an attack that resulted in significant damage.
According to blockchain security firm PeckShield, the Jimbos Protocol — the liquidity protocol of the Arbitrum system — was hacked on the morning of May 28. The attack resulted in the loss of 4,000 Ether (ETH), worth around 7.5 million dollars at that time.
Specifically, the attacker took advantage of the lack of slippage control over liquidity transitions. The protocol’s liquidity is invested in a price range that doesn’t need to be equal, creating a loophole for attackers to reverse swaps to their advantage.
Although launched less than 20 days ago, the Jimbos Protocol aims to address liquidity and token price volatility through a new experimental method. However, the mechanism of the protocol has not been fully developed, leading to a logical flaw that creates favorable conditions for an attacker. As a result, the price of the underlying token, Jimbo (JIMBO), plummeted 40%.
As discovered by PeckShield, the attackers extracted 4,090 ETH from the Arbitrum network. They then used the Stargate bridge and the Celer Network to transfer approximately 4,048 ETH from the Ethereum network.
Hacking in DeFi protocols is not a new phenomenon. Although reports show that the number of attacks has decreased significantly compared to previous years, the community continues to face many exploits.