- Decentralized ExchangeGMX was hacked on July 9, 2025 for round $42 million
- The attacker exploited the platform’s GLP liquidity pool and launched a number of crypto belongings
- GMX group sends on-chain messages to hackers that present 10% “white hat” bounties to return the funds
Decentralized By-product Alternate GMX confronted a serious safety breaches on July 9, 2025. The attackers exploited the platform’s GLP liquidity pool and stole round $42 million in crypto belongings.
Blockchain safety firm Peckshield confirmed the occasion and tracked hacker transactions via the chain. In keeping with their evaluation, the attackers bridged Ethereum about $9.6 million shortly after the preliminary exploit.
How the attacker discharged and moved the funds
Hackers moved their funds at a number of phases. First, we drained liquidity from the USDC stablecoins pool. They then swapped the USDC for ETH after which transformed a few of it to Dai Stablecoin.
We additionally extracted a major quantity of FRAX, wrap bitcoin (WBTC), wrap ether (WETH), and several other different tokens. These transactions ran throughout totally different chains and included advanced swaps designed to cover the fund’s actions.
Associated: Does Ethereum have its personal “nvidia second”?
In response, GMX used the identical chain to ship a message on to the attacker’s pockets tackle. The message admitted to misuse the GMX V1 and proposed a ten% white hat prize.
GMX presents hackers a $4.2 million “white hat” bounty
In response to the assault, the GMX group used on-chain transactions to ship a message on to the attacker’s pockets tackle. The message granted the GMX V1 exploit and proposed a ten% white hat prize with out authorized motion connected.
The GMX group offered the hackers with a prize value round $4.2 million in trade for the return of the remaining 90% of their stolen belongings. The message stated that if the attacker is compliant inside 48 hours, GMX won’t pursue authorized motion towards them.
Arkham Intelligence’s blockchain knowledge reveals that wallets associated to the exploits presently maintain practically $44 million. No funds have been returned on the time of writing.
Launched in 2021 and primarily working on the Arbitrum community, GMX helps leveraged buying and selling of belongings comparable to BTC, ETH, and Avax. Following the exploit, customers and the broader Defi group are awaiting full autopsy evaluation from the group, rigorously watching additional chain actions via the exploit.
Disclaimer: The data contained on this article is for info and academic functions solely. This text doesn’t represent any sort of monetary recommendation or recommendation. Coin Version shouldn’t be answerable for any losses that come up on account of your use of the content material, services or products talked about. We encourage readers to take warning earlier than taking any actions associated to the corporate.
