• On the time of writing, the entire quantity returned to GMX was about $20 million.
• GMX has acknowledged the technical refinement of the exploit and issued a $5 million bounty to repay the funds.
• The attacker reportedly manipulated the worth of the GLP token and launched numerous crypto property from the platform.

The attacker who exploited the vulnerability of the GMX V1 distributed alternate and stole round $40 million in cryptography, started repaying the stolen property after accepting the bounty provided by the GMX group.

In keeping with blockchain safety firm Peckshield, hackers have acknowledged the prize cash and despatched chain-on-chain messages indicating their willingness to cooperate.

“OK, the funds will likely be returned later,” Exploit wrote in a blockchain transaction, referring to the phrases outlined by GMX for partial returns of stolen funds.

Hackers start transferring funds

Lower than an hour after the message was aired, the attackers started transferring funds to addresses specified by GMX.

Peckshield reported that about $9 million in ether (ETH) had been despatched to the group.

The Ethereum handle used within the transaction is labeled GMX Exploiter 2 on the blockchain monitoring platform.

Peckshield additionally flagged two separate Frax Stablecoins, with the attacker returning $5.5 million in a single deal and one other $5 million.

On the time of writing, the entire quantity returned to GMX was roughly $20 million, representing half of the stolen property.

The unique exploit that occurred Wednesday focused the liquidity pool of GMX V1, a everlasting buying and selling protocol deployed on the Arbitrum Layer 2 community.

The attacker reportedly emitting numerous crypto property from the platform by manipulating the worth of GLP tokens and exploiting the protocol’s design flaws.

GMX supplied a $5 million white hat bounty

In response to the violation, GMX acknowledged the technical refinement of the exploit and issued a $5 million bounty to return the funds.

In a submit on X (previously Twitter), the GMX group spoke on to the hackers and provided prizes beneath the “White Hat” classification.

“You’ve got finished the exploit properly, and your means to take action is evident to these contemplating buying and selling exploits,” writes GMX. “The $5 million White Hat Bug Bonus will stay out there.”

The group emphasised that the prize cash is meant to get rid of authorized and sensible dangers related to using stolen cryptography.

GMX additionally provided to supply proof of funding if vital, permitting the exploit to move compliance checks or audits.

Along with public bounty, the GMX group issued a sequence ultimatum and mentioned that if funds will not be returned, authorized motion will likely be pursued inside 48 hours.