Arbitrum-Based Zimbos Protocol Hacked, Losing $7.5M in Ether

[ad_1]

Adding to the existing number of protocol hacks in the crypto industry, Jimbos Protocol has not escaped the attention of attackers as it has suffered an attack that resulted in the loss of a large amount of money.

According to Peckshield, the liquidity protocol of Arbitrum Systems, the Zimbos Protocol, a blockchain security entity, was chopped off morning of 28 May. The attack resulted in the loss of 4,000 ETH, which is roughly equivalent to $7.5 million.

In particular, the attacker took advantage of the lack of slippage controls for liquidity conversions. Liquidity of the protocol is invested in a price range that does not need to be equal, creating a loophole where attackers can reverse swap orders to their own advantage.

Despite launching less than 20 days ago, the Jimbos Protocol aims to address liquidity and volatile token prices through a new testing approach. However, it appears that the mechanism of the protocol was not sufficiently developed, leading to a logical vulnerability that created favorable conditions for attackers. As a result, the price of the underlying token, JIMBO, has dropped by 40% and is showing little sign of recovery.

According to Peckshield’s findings, the attackers managed to withdraw a significant amount of 4,090 ETH from the Arbitrum network. Thereafter, he used a bridge called Stargate and the Celer network to transfer and collect a substantial amount of around 4,048 ETH from the Ethereum network.

The occurrence of hacking incidents targeting decentralized finance (DeFi) protocols is not a new phenomenon within the cryptocurrency market. Although there are reports indicating a significant decline in the number of such attacks compared to previous years, the community has been exposed to several instances of exploitation in recent times.

Connected:Sandbox CEO’s Twitter was hacked, used to promote alleged ‘airdrop’ scam

Despite efforts to enhance security measures, the DeFi ecosystem is grappling with the constant challenge of protecting against potential vulnerabilities and unauthorized access. One example lies in the Flash Loans attack, a victim of the 0VIX protocol, which resulted in substantial losses of around $2 million.

Another notable incident involved the hijacking of Tornado Cash, a major privacy-focused protocol. Unknown attackers successfully compromised the system and extracted a large amount of TORN tokens, causing a significant financial loss.

magazine: Should crypto projects negotiate with hackers? Perhaps