Jimbos Protocol Hackers Launder Stolen Funds Through Tornado Cash

Key Points:

• Hackers behind the $7.5 million breach of Jimbos Protocol have now transferred the stolen funds through Tornado Cash, according to a PeckShield alert.
• Jimbos Protocol, a liquidity protocol operating on the Arbitrum system, suffered the attack in May due to a vulnerability in its liquidity conversion mechanism.
• The attackers managed to extract 4,090 ETH and utilized bridge networks to transfer around 4,048 ETH from the Ethereum network

In a recent alert issued by PeckShield, it has come to light that hackers responsible for the breach of Jimbos Protocol have successfully transferred the pilfered sum of $7.5 million via Tornado Cash.

The incident, previously reported by Coincu, unfolded on May 28 when Jimbos Protocol, a liquidity protocol operating within the Arbitrum system, fell victim to a malicious attack, resulting in a staggering loss of $7.5 million.

The breach itself exploited a vulnerability in the protocol’s liquidity conversion mechanism. Jimbos Protocol’s liquidity was distributed across a price range without strict equality constraints, creating a vulnerability that allowed attackers to manipulate swap orders in their favor.

Jimbos Protocol initially set out to combat issues related to liquidity and volatile token prices through an innovative approach. However, the protocol’s design flaws ultimately paved the way for malicious actors to exploit the system.

During the attack, the perpetrators managed to siphon off a total of 4,090 ETH from the Arbitrum network. Subsequently, they employed the Stargate bridge and the Celer Network to transfer approximately 4,048 ETH from the Ethereum network.

The successful transfer of the stolen funds through Tornado Cash highlights the ongoing challenges faced by the crypto community in safeguarding decentralized systems against determined attackers. Security measures and protocol development remain critical to mitigating such incidents in the future.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.