Developers behind the Arbitrum-based Jimbos Protocol are gauging the best way for the project to move forward after its version 2 (V2) faced a $7.5 million exploit over the weekend.
Jimbos said it was working with security researchers to reclaim lost funds – the same people who’ve previously helped Euler Finance recover over $200 million – and added that they would contact law enforcement by 4 P.M. UTC on Monday if the attacker failed to return the money.
Jimbos lost 4,090 ether (ETH) late on Saturday, which security analysts blamed on the lack of slippage control in the main contract. This allowed the yet-unidentified attackers to take out a $5.9 million flash loan, manipulate the prices of jimbo (JIMBO), and walk out with treasury funds.
The protocol planned to issue a semi-stable token backed by a basket of crypto tokens, alluring traders to this concept as similar projects have seen brief success.
Flash loans are a popular way for attackers to gain funds to conduct exploits on decentralized finance (DeFi) systems. The loans allow traders to borrow unsecured funds from lenders using smart contracts instead of third parties.
These do not require any collateral because the contract considers the transaction complete only when the borrower repays the lender – meaning a borrower defaulting on a flash loan would cause the smart contract to cancel the transaction, and the money would be returned to the lender.
Meanwhile, JIMBO, its token, traded at nearly 18 cents on Monday, slightly recovering in Asian morning hours as developers floated their protective plans.