Arbitrum-based Jimbo’s Protocol was hacked and lost $7.5 million worth of Ethereum.
The latest attack on the decentralized finance (DeFi) industry has been on Jimbo’s Protocol. In this attack, the hacker exploited a vulnerability to steal 7.5 million worth of Ethereum from the protocol.
Arbitrum-Based Jimbo’s Protocol Loses $7.5M in Ethereum
According to blockchain security firm PeckShield, the Jimbos Protocol, the Arbitrum system’s liquidity protocol, was hacked on the morning of May 28. The attack resulted in the theft of 4,000 Ethereums
The hacker took advantage of the lack of slip control, especially in liquidity conversions. The liquidity of the protocol is invested in a price range that is not necessarily equal, creating a gap where attackers could reverse their swap orders for their own gain, and the attacker took advantage of this.
Although the Jimbos Protocol was launched less than 20 days ago, it aimed to address liquidity and volatile token prices with a new testing approach. However, the mechanism of the protocol was not sufficiently developed, leading to a logical vulnerability that created favorable conditions for attackers. As a result, the price of the base token Jimbo (JIMBO) dropped 40 percent.
It appears today's @jimbosprotocol hack leads to the 4090 ETH loss (w/ ~$7.5M).
This hack is due to the lack of slippage control of liquidity-shifting operation — such that the protocol-owned liquidity is invested into a skewed/imbalanced price range, which is exploited in… https://t.co/wnQAeksojz pic.twitter.com/TPlqNlvnZD
— PeckShield Inc. (@peckshield) May 28, 2023
