GMX Hacker Strikes Deal: Returns 90% of Stolen Funds, Keeps 10% as ’Ethical Bounty’

In a plot twist even Hollywood wouldn’t greenlight, the GMX exploiter just turned white-hat—for a price.

The 10% Solution: Hacker Plays Robin Hood (With a Fee)

After draining funds from GMX’s protocol, the attacker agreed to return 90%—pocketing a cool 10% ‘bounty’ for their ‘services.’ Because nothing incentivizes good behavior like a profit-sharing agreement.

DeFi’s New Normal: Crime With a Money-Back Guarantee

While traditional finance wastes time with ‘regulations’ and ‘audits,’ crypto pioneers efficiency: steal first, negotiate later. The hacker’s 10% cut now sets precedent for future ‘ethical breaches’—because who needs law enforcement when you’ve got profit motives?

GMX users await their partial refunds, wondering if this counts as ‘community-driven security innovation’ or just financial Stockholm syndrome. Meanwhile, Wall Street bankers weep into their spreadsheets—why bother with insider trading when crypto offers bulk discounts on restitution?

Lookonchain reports that the hacker agreed to return $42 million in crypto in return for a 10% bounty, receiving around $5 million. Till now, $10.49 million in FRAX has been returned, with roughly $32 million of stolen tokens swapped into 11,700 ETH, now worth about $35 million, netting a gain of $3 million.

GMX had halted trading and GLP minting on Arbitrum and Avalanche after what it described as a re-entrancy attack. The attacker manipulated the OrderBook contract and inflated GLP prices, allowing withdrawal of large funds.

GMX publicly offered the 10% bounty through an on-chain message, assuring the hacker that no legal action WOULD follow if the funds were returned within 48 hours. This prompt move was praised for limiting potential losses. So far, the protocol has received a total of $10.5 million via FRAX transfers.

Whatever remains in ETH is now being held across multiple wallets after conversion. PeckShield has tracked these movements and flagged around 9,000 ETH returns and the rest split for storage or possible mixing.

Following the hackers’ message, GMX’s native token spiked over 14%, which fell nearly 28% after the hack, dipping around $10.45. At the time of writing, GMX token is trading at $13.29–as per CoinMarketCap data.

A full post-mortem confirmed the hack only affected GMX V1 and not its V2 or native token. The breach prompted suspension of V1 features, guidance for forks, and internal review of smart contract vulnerabilities.

Going forward, GMX emphasized that it will route remaining funds to reimburse affected users and hold a DAO discussion on further action. For now, many await to see whether the hacker will surrender all 11,700 ETH or sell some to keep the $3 million profit.

Also Read: Florida AG Investigates Robinhood Over Crypto Trading Claims