- Arbitrum-based Jimbos Protocol has been hacked barely three weeks after its market premiere.
- The threat actor made away with 4,090 ETH, worth $7.54 million at current rates.
- The attacker capitalized on the lack of slippage control over tokens to execute the loot, PeckShield reports.
Ethereum (ETH) worth around $7.54 million has been stolen after a hacker exploited the Arbitrum-based Jimbos protocol 20 days after its launch. Reportedly, the attacker took advantage of the lack of slippage control over tokens to grab the loot.
Ethereum worth $7.54 stolen in a May 28 hack
Ethereum (ETH) worth approximately $7.54 million has been stolen in a hack attack on the Arbitrum-based Jimbos protocol. The exploit adds to the list of protocol hacks in the crypto sector. According to PeckShield, the renowned blockchain security unit, the Jimbos Protocol was exploited on Sunday morning, May 28. Notably, Jimbos is the liquidity protocol of the Arbitrum ecosystem.
The attack saw up to 4,090 ETH stolen, equivalent to $7.54 million at current rates. Specifically, the attacker capitalized on the lack of slippage control of liquidity conversions. Notably, Jimbos protocol’s liquidity is invested in a price range that does not require to be equal. According to PeckShield, this creates a loophole where attackers can reverse swap orders for their own benefit.
The protocol debuted less than 20 days ago and was committed to addressing liquidity and volatile token prices by leveraging a new testing approach. Nevertheless, it seems the protocol’s mechanism was not developed sufficiently. Consequently, threat actors have spotted and exploited the vulnerability for their own gain.
Flow of stolen funds, according to PeckShield
PeckShield has attempted to explain the flow of the funds. Based on the blockchain security unit’s findings, after the exploiters extracted a significant amount of $4,090 ETH from the Arbitrum network, they proceeded to use the Stargate bridge and the Celer Network to transfer and collect a colossal sum nearing 4,048 ETH from the Ethereum network, possibly factoring transaction fees. Based on current rates, this is about $74.6 million.
As unfortunate as the Jimbos protocol hack is, it is not an isolated case and adds to a stream of hacking incidents against decentralized finance (DeFi) protocols. Nevertheless, there have been several reports suggesting a commendable decline in the number of such exploits in 2023 compared to the years prior, the community continues to fall victim to the many instances of hacks as of late.
Jimbos Protocol’s JIMBO token falls 20%
JIMBO, the ticker of the Jimbos protocol, has slumped by 40%, with little to no signs of a recovery.
At the time of writing, JIMBO is trading at $0.000003229 against wrapped Ethereum (WETH)