Security breach in Jimbos Protocol, a liquidity protocol operating under the Arbitrum system, resulted in a significant loss of 4,000 Ether (ETH), approximately worth $7.5 million, on May 28. Blockchain security firm, PeckShield, discovered the breach, highlighting the critical need for enhanced security measures in cryptocurrency platforms.
The hacker reportedly exploited a loophole in the lack of slippage control on liquidity conversions in the Jimbos Protocol system. This security gap allows for an inequality in the protocol’s liquidity investment within the price range, providing an opportunity for attackers to manipulate swap orders for personal profit.
Launched less than three weeks ago, Jimbos Protocol was created to mitigate issues surrounding liquidity and token price volatility through a new testing approach. Despite its promising intent, the protocol’s mechanism was not sufficiently developed, presenting a logical vulnerability that ultimately exposed it to cyber threats.
In the wake of this security breach, the value of the protocol’s underlying token, Jimbo (JIMBO), has seen a sharp decrease, dropping by 40%, as revealed in a tweet by PeckShield.
” #PeckShieldAlert $JIMBO has dropped -40%”
The attacker transferred the stolen token, worth around $7.5 million, to Ethereum. The funds are currently located at the Ethereum address listed on Etherscan.io. “#PeckShieldAlert The @jimbosprotocol exploiter has bridged the stolen funds (4,048 $ETH valued at ~$7.5M) to Ethereum and they are located at https://etherscan.io/address/0x5f3591e2921d5c9291f5b224e909ab978a22ba7e”
The impact of this security breach echoes the imperative for robust security systems within cryptocurrency platforms, particularly those newly launched. As the aftermath unfolds, the Jimbos Protocol team will undoubtedly be prompted to review and strengthen their security infrastructure to prevent similar incidents in the future.