TL;DR
-
Jimbos Protocol lost 4,090 ETH ($7.5 million) in an exploit over the weekend.
-
The hack came roughly three days after the protocol launched its second version.
Jimbos Protocol Experiences A $7.5 Million Hack
Crypto project Jimbos Protocol lost 4,090 ETH ($7.5 million) in a hack over the weekend. According to crypto analysts PeckShield, the hack took place three days after the protocol launched its version 2.
It appears today's @jimbosprotocol hack leads to the 4090 ETH loss (w/ ~$7.5M).
— PeckShield Inc. (@peckshield) May 28, 2023
This hack is due to the lack of slippage control of liquidity-shifting operation -- such that the protocol-owned liquidity is invested into a skewed/imbalanced price range, which is exploited in… https://t.co/wnQAeksojz pic.twitter.com/TPlqNlvnZD
The hacker(s) took advantage of the protocol's lack of control over slippage for the tokens under its control. PeckShield also added that the hacker leveraged a $5.9 million flash loan — where tokens are borrowed and instantly repaid — to execute the attack.
Jimbos Protocol wrote on Twitter that;
"We are aware of the exploit regarding our protocol and are actively in contact with law enforcement and security professionals. We will release further information when possible."
Jimbos Protocol is an Arbitrum-based project that seeks to develop a token with a semi-stable floor price, that's backed by an amount of assets. The development team wanted to take advantage of some elements of the Olympus DAO project but, with a few changes, hoped to make it more sustainable
Jimbos Protocol was initially launched on May 16th. However, a smart contract bug affected the protocol and stopped it from working as expected. The team went on to launch version 2 three days ago. The exploit saw the token’s price plunge from $0.24 to $0.