30 May 2023

Jimbos Protocol lost $7.5M in a hack


Jimbos Protocol lost $7.5M in a hack

Jimbos Protocol, a liquidity protocol within the Arbitrum ecosystem, was hit with a flash loan attack over the weekend that led to the loss of 4,000 Ethereum (ETH) tokens approximately worth $7.5 million.

According to blockchain security firm PeckShield, the attacker appears to have exploited a flaw in the protocol's code to carry out a flash loan. The hacker took advantage of the lack of slippage control on liquidity conversions in the Jimbos Protocol system that allowed them to execute reverse swaps for a profit.

The attackers withdrew 4,090 ETH from the Arbitrum network and subsequently used bridges such as Stargate and Celer Network to convert approximately 4,048 ETH into the Ethereum network, PeckShield said.

Jimbos Protocol has confirmed the incident on its official Twitter page and said it has launched an investigation into the issue. On May 28, Jimbos’ team offered the exploiter behind the attack to keep 10% of the stolen funds and return other 90%, or the team “won’t stop” until the attacker is “behind bars.” A day later the team announced it had “identified promising leads, and one in particular” that may allow Jimbos to identify the attacker.

“Over the past 24 hours, we’ve been working with security experts, bridges, and exchanges. Thanks to their help, we’ve identified promising leads, and one in particular. We hope the attacker will *voluntarily* cooperate - before they have no choice but to once we pass their info,” the team said.

Back to the list

Latest Posts

Cyber Security Week in Review: May 24, 2024

Cyber Security Week in Review: May 24, 2024

In brief: Google fixes Chrome zero-day, a backdoor found in JAVS software, and more.
24 May 2024
Chinese APTs increasingly using ORB networks to mask attack infrastructure

Chinese APTs increasingly using ORB networks to mask attack infrastructure

Mandiant reports that it is actively monitoring several ORB networks, with the most notable being SPACEHOP and FLORAHOX.
23 May 2024
Threat actors exploit vulnerable drivers to disable EDRs in cryptojacking attack

Threat actors exploit vulnerable drivers to disable EDRs in cryptojacking attack

Ghostengine deploys several modules to tamper with security tools, establish a backdoor, and ensure software updates are in place.
22 May 2024