Security News > 2023 > May > 1. This crypto-coin is called Jimbo. 2. $8m was stolen from its devs in flash loan attack
Just days after releasing the second - and supposedly more stable and secure - version of its decentralized finance app, Jimbos Protocol over the weekend was hit by attackers who stole stole 4,090 ETH tokens from the project worth about $7.5 million.
The developers behind the Arbitrum-based app were the apparent victims of a flash loan attack and now are scrambling to track down the light-fingered coders and retrieve the lost funds.
The attack occurred three days after Jimbos Protocol launched the second version of its software.
Analysts with Numen Cyber Labs wrote that after getting the flash loan, "The attacker exchanged the borrowed ETH for a substantial amount of Jimbo funds through the [ETH-Jimbo] trading pair, causing a surge in the current price of Jimbo. The attacker then transferred 100 JIMBO tokens to the JimboController contract."
After first acknowledging the attack, the Jimbos Protocol developers said they were working with analysts who had helped victims of similar attacks - including Euler Finance and Sentiment, both DeFi platforms - regain some of the money lost.
Euler Finance was hit by a flash loan attack in March, losing almost $200 million, though the culprit returned most of it.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/30/jimbos_protocol_defi_attack/
Related news
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Crypto companies are losing ground to deepfake attacks (source)
- Malicious Microsoft VSCode extensions target devs, crypto community (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)