The team behind Jimbos Protocol, a decentralized finance (DeFi) app that was exploited, has presented a proposal to the attacker: return 90% of the funds and keep the remaining 10%, or face potential prosecution. The offer was communicated via a tweet by the Jimbos team on May 28 and was also posted on the Ethereum network.
In the tweet, the team stated that if the attacker returned 90% of the funds, they would not pursue legal action. However, if the attacker chose not to comply, the team vowed to relentlessly pursue legal measures until the perpetrator was apprehended.
When the team did not receive a response to their initial message, they posted another message later that day, setting a deadline for the attacker to return 90% of the funds by the following day at 4 PM UTC. They warned that if the funds were not returned, they would involve law enforcement agencies.
After the deadline passed, on May 29, the team took to Twitter to announce that they had identified promising leads to potentially uncover the attacker’s identity. While expressing their preference not to ruin anyone’s life, they affirmed their commitment to follow through with their actions if necessary, implying a willingness to involve the police.
Jimbos Protocol describes itself as a reactive concentrated liquidity protocol aimed at maintaining the price of its token, JIMBO, above a specified floor price by utilizing Ether in the protocol’s treasury to defend the token’s value.
The protocol suffered a flash loan attack on May 28 in which the attacker exploited its treasury-owned liquidity pool and drained $7.5 million. Analysis conducted by Numen Cyber Labs found that the attacker took advantage of a vulnerability in the JimboController contract that allowed them to manipulate the selling price of the JIMBO token and withdraw $7.5 million worth of Ether from the pool.
While DeFi exploits are a recurring issue in the Web3 ecosystem, there have been cases where attackers returned the majority of the funds after negotiations with development teams. Jimbos Protocol claims to be collaborating with the same security researchers and on-chain analysts who investigated previous similar incidents, such as the Euler Finance hack and the Sentiment exploit.