- Jimbos Protocol, Built on Arbitrum, Falls Victim to $7.5 Million Exploit Shortly After Version 2 Release
- The attacker exploited a loophole in Jimbos Protocol, capitalizing on the absence of slippage control due to varying liquidity investments across the price range.
Jimbos Protocol, a decentralised finance (DeFi) platform running on Arbitrum, has experienced a major security breach, Just three days after its version 2 launch .PeckShield, a blockchain security firm, has reported that the exploit was made possible due to the protocol’s inability to control slippage for the tokens it manages.
This vulnerability resulted in a staggering loss of 4,090 ETH, equivalent to approximately $7.5 million.
Remarkably, this breach was not executed through conventional hacking methods, but rather by exploiting a flaw inherent in the protocol itself—specifically, the absence of slippage control in liquidity-shifting operations.
Jimbos Protocol responded by tweeting, “We are currently in communication with law enforcement and security professionals. We are aware of the exploit affecting our protocol. We will provide further details as soon as we can.”
In this context, a system or feature that aids in managing price slippage during trading or liquidity operations is referred to as a slippage control. Whenever there is a difference within the anticipated price of an asset and the price that was actually performed, price slippage takes place. Slippage management is used in liquidity-shifting operations to lessen the price impact of significant trades or adjustments in liquidity.
This loophole allowed the attacker to manipulate and reverse swap orders for their own gain, resulting in the successful execution of the exploit. The details of the attack were identified by PeckShield, bringing attention to the importance of robust security measures in decentralised finance platforms.
Despite being developed as a solution to address liquidity and volatile token prices, the recently launched Jimbos Protocol appears to have encountered significant flaws in its mechanism. These flaws have created a vulnerability that has been exploited by attackers, ultimately leading to a negative impact on the price of the protocol’s native asset, JIMBO token.
Following the security breach, the value of the JIMBO token has plummeted by almost 40% and is currently facing challenges in recovering its lost value. The incident highlights the importance of thorough and comprehensive development processes when designing and deploying new protocols to ensure their robustness and security.
The rise of decentralized finance (DeFi) has undeniably brought significant advancements to the crypto space, offering innovative financial solutions and opportunities. However, it has also witnessed a concerning trend of growing DeFi hacks.
Leading Decentralised Finance (DeFi) protocol DEUS is the most recent name to be added to the list of Defi hack victims. An exploit of the protocol resulted in a loss of more than $6 million. On May 5, the hacker allegedly took advantage of a flaw in the BNB Smart Chain (BSC).