GMX Hacker Strikes Deal: Returns $40M, Pockets $5M Bounty in Crypto Heist Twist

Published: 2025-07-11 12:22:56

GMX Hacker Returns Stolen $40 Million, Accepts $5M Bounty

In a plot twist even Hollywood wouldn’t greenlight, the GMX exploiter just pulled off the ultimate 'return-to-sender' maneuver—with a hefty bonus.

The heist undone (mostly)

$40 million in stolen funds boomeranged back to GMX after negotiations—because nothing says 'trustless' like a good old-fashioned bounty deal. The hacker walks away with a cool $5 million 'finder’s fee,' proving crime does pay… if you give most of it back.

DeFi’s awkward dance with justice

White hats? Grey hats? Try 'beige finance'—where exploits get resolved through backchannel deals instead of handcuffs. The blockchain never forgets, but apparently it’s open to installment plans.

The fine print no one reads

Another day, another protocol learning the hard way that 'code is law' until someone finds a loophole big enough to drive a dump truck of ETH through. At least this time the auditors got off easy—the hacker did their KYC (Keep Your Crypto) verification.

Root Cause of the Exploit

Recall that the hacker exploited GMX’s smart contracts to steal the funds on July 9. A postmortem report from the firm confirmed that it was a re-entrancy attack. The exploiter took advantage of a smart contract function that could not prevent re-entrancy issues within the same smart contract.

This design flaw on GMX V1 enabled the criminal to place multiple calls within one function and caused the contract to calculate the wrong balance. They were able to artificially inflate the price of GLP, which is the liquidity provider token for GMX.
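The failure mode described above can be reproduced in a simplified model. This is an added example, not GMX's contract code or anything from the postmortem: `Pool`, `redeem` and `nested_payout` are hypothetical names, and the numbers are constructed. It shows a nested call pricing shares against half-updated state, next to two standard mitigations (a re-entrancy guard and checks-effects-interactions ordering).

```python
class ReentrancyError(RuntimeError):
    """Raised when a guarded function is entered while it is already running."""


class Pool:
    # Constructed toy model (not GMX code): share price = assets / shares.
    def __init__(self, assets, shares, guarded=False, effects_first=False):
        self.assets, self.shares = assets, shares
        self.guarded = guarded              # mutex, like a nonReentrant modifier
        self.effects_first = effects_first  # checks-effects-interactions order
        self._entered = False

    def price(self):
        return self.assets / self.shares

    def redeem(self, n, external_call=None):
        if self.guarded and self._entered:
            raise ReentrancyError("redeem re-entered")
        self._entered = True
        try:
            payout = n * self.price()
            self.shares -= n               # effect 1: burn the shares
            if self.effects_first:
                self.assets -= payout      # effect 2 done before control leaves
            if external_call:
                external_call(self)        # interaction: untrusted code runs here
            if not self.effects_first:
                self.assets -= payout      # effect 2 too late: price was wrong above
            return payout
        finally:
            self._entered = False


def nested_payout(pool):
    """Redeem 500 shares; return what a nested redeem(1) pays, or 'rejected'."""
    seen = []
    try:
        pool.redeem(500, lambda p: seen.append(p.redeem(1)))
    except ReentrancyError:
        return "rejected"  # on-chain, the whole transaction would revert
    return seen[0]


if __name__ == "__main__":
    print("unguarded:    ", nested_payout(Pool(1000, 1000)))
    print("guarded:      ", nested_payout(Pool(1000, 1000, guarded=True)))
    print("effects first:", nested_payout(Pool(1000, 1000, effects_first=True)))
```

In the unguarded pool the nested call sees 1000 assets against 500 shares, so one share is priced at twice its real value; either mitigation removes that window.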

After the breach, they stole several assets, including Wrapped Bitcoin (WBTC), FRAX, and DAI. They eventually bridged the funds from Arbitrum to Ethereum and converted all, except FRAX, to 11,700 ETH.

While the hacker made these moves, GMX dropped an on-chain message, offering a 10% white hat bounty in exchange for the stolen funds. The proposal would last for 48 hours, with a promise of no legal consequences.

Hacker Returns Stolen Funds

Earlier today, the hacker responded to GMX’s 10% bounty offering, with a message that read: “Ok, funds will be returned later.” They first returned $10.49 million in FRAX to the GMX Security Committee Multisig address. The remaining $32 million, which was swapped for ETH earlier, has also been returned in batches.

Notably, the $32 million ETH was worth $35 million today following the spike in ether’s price. The hacker took the $3 million profit and returned the original amount. Therefore, they took a bounty of roughly $4.5 million and returned a total of $40.5 million.

Meanwhile, GMX has confirmed that the incident did not affect its V2 protocol, as the chain does not have the vulnerability that enabled the attack on V1. The team has lifted the minting caps it placed on liquidity tokens for GMX V2 on Arbitrum and Avalanche.

GMX, the native token of the GMX platform, has also recovered from a sudden dip caused by the incident. Data from CoinMarketCap shows the asset is up over 13% today.
