- Jimbos Protocol has handed the details of its recent $7.5 million hack to the Department of Homeland Security
- The hacker was offered the chance to return 90% of the funds or face police action
- They have seemingly chosen the latter, with the 10% bounty offered to the public in return for information
The developers behind Jimbos Protocol have reported the recent $7.5 million hack against its network to the Department of Homeland Security after the hacker spurned a deal to return the funds. The hacker was told they could return 90% of the stolen funds or face police action, and it seems that they would prefer to take their chances as no deal has been forthcoming. Instead, Jimbos has offered the 10% bounty to any member of the public who can provide valuable information leading to the identification and capture of the exploiter and recovery of the stolen funds.
Flash Loan Exploit Saw $7.5 Million Taken
Jimbos Protocol was attacked through a flash loan exploit over the weekend, the kind that has taken out other such protocols in the past, just two weeks after it launched its version 2 protocol. 4,090 ether was lost late on Saturday, with security analysts blaming a lack of slippage control in the main contract. This allowed the attacker to take out a $5.9 million flash loan, manipulate the prices of the JIMBO token, and walk out with treasury funds amounting to $7.5 million.
Following the hack, Jimbos said that it was working with the same team that managed to negotiate deals with the hackers of the Euler and Sentiment exploits, with the Euler case particularly notable because the hacker handed back all of the $200 million stolen.
The Jimbos Protocol hacker doesn’t seem as keen to do the right thing, however, turning down the offer to keep 10% of the funds in return for a belief that they can evade the attentions of the New York branch of the Department of Homeland Security:
They’re behind finding and arresting many of these exploiters. We don’t think this case will be an exception to the rule.
To the attacker: We warned you. We’d prefer giving you the bounty so we can focus on our protocol. Instead, we will deal with law enforcement to find you.
— Jimbos Protocol (v2, soon) (@jimbosprotocol) May 31, 2023
The authorities will also have the assistance of the crypto-going public, who will be in line for an $800,000 payday if they can help apprehend the hacker and the money is retrieved. However, if the hacker has any sense they will have taken steps to disguise the money by now, for example by sending it through a mixing service.