đ¨ GMX Freezes V1 Trading After $42M Exploit Drains Arbitrum Liquidity Pool
GMX just pulled the emergency brake. The decentralized trading platform halted V1 operations after a $42 million digital heist siphoned funds from its Arbitrum liquidity poolâproof that even 'trustless' systems aren't immune to old-fashioned theft.
Anatomy of a Crypto Raid
Attackers exploited a vulnerability in GMX's v1 contracts, bypassing safeguards to drain the pool. The platform's native token dipped 8% post-announcementâbecause nothing reassures investors like a nine-figure security failure.
DeFi's Recurring Nightmare
This isn't GMX's first rodeo. The protocol suffered a $565k oracle manipulation attack in 2022. Yet here we are, watching the same movie with a bigger budgetâcomplete with the classic 'we're investigating' tweetstorm from the team.
The Irony of 'Immutable' Code
GMX touts non-custodial trading as the future. Too bad the future still requires human-written smart contractsâand human-error-prone developers. Meanwhile, Wall Street bankers smirk while sipping $42 million martinis.

- GMX lost $42M after a crypto hacker exploited its V1 GLP pool on Arbitrum using a logic flaw.
- The attacker swapped stolen funds into ETH, DAI, and other tokens before bridging to Ethereum.
- To recover funds without enforcing legal charges, GMX offered a 10% bounty and suspended V1 trading.
A major security breach hit the decentralized trading platform GMX on Wednesday morning, draining more than $40 million from its GLP liquidity pool. To contain further risks, the GMX team responded by halting all V1 trading and GLP minting and redemption on both Arbitrum and Avalanche networks.
The GLP pool of GMX V1 on Arbitrum has experienced an exploit. Approximately $40M in tokens has been transferred from the GLP pool to an unknown wallet.
Security has always been a core priority for GMX, with the GMX smart contracts undergoing numerous audits from top securityâŚ
This incident adds to increasing concerns over the unstable safety of decentralised financing systems particularly those that involve Leveraged trading.
GLP Pool Breach Prompts Trading Suspension
The targeted pool was the GMX V1 GLP pool that acts as the leading liquidity provider in perpetual and spot transactions on the Arbitrum network. According to GMXâs official statement, the exploit did not affect GMXâs V2 protocol, its primary GMX token, or other supported liquidity pools and trading markets.
Blockchain analytics firms PeckShieldAlert and Arkham Intel reported that the crypto hacker moved the stolen funds through several channels, swapping assets such as USDC for ETH, then to DAI, and transferring out millions in FRAX, wrapped bitcoin, and wrapped ETH. The hackerâs wallet currently holds nearly $44 million in digital assets.
The attacker reportedly used a malicious contract funded via Tornado Cash to mask their identity and route stolen funds across networks. Data from Cyvers and Lookonchain indicates that the attacker bridged about $9.6 million to ethereum through Circleâs Cross-Chain Transfer Protocol before swapping it into DAI.
GMX announced that all the leveraged trading functions on V1 are frozen, and users should change their platform settings accordingly. The team is also halting GLP minting and redemption on Avalanche to protect remaining assets and user funds. The company will continue to prioritize investigating the exploit vector and mitigating any further risk to users.
The Rise of Wrench Attacks in Crypto: The Disturbing Shift From Online Hacks to Physical Violence
GMX Offers Bounty as Token Drops 18% Post-Exploit
An initial analysis from the blockchain security firm SlowMist and other investigators indicates that the attack took advantage of a mistake in how the GLP price was calculated, which let the attacker create GLP without backing it and exchange it for many different assets. This flaw enabled the rapid withdrawal of over $40 million in ETH, USDC, fsGLP, DAI, UNI, FRAX, USDT, WETH and LINK in a single transaction.
In addition, GMX responded to the hacker by offering a 10% white-hat bounty and stated that no law enforcement action should be taken if the funds are returned within 48 hours. According to The Block Price Page GMX, the protocolâs price dropped by approximately 18% after the exploit with the GMX token falling from $14.42 to $11.78.
Crypto Hack Highlights Limitations of DeFi Audits
Although the GMX V1 contracts have passed audits by Quantstamp and ABDK Consulting, they failed to withstand this targeted exploit. The audits failed to detect the exact logic vulnerability, allowing the attacker to manipulate the protocolâs leveraged position calculations. The crypto hack illustrates a flaw in decentralized finance in which security reviews often miss unique, protocol-specific risks that are exploited later.
Furthermore, a broader trend of crypto hacks targeting crypto exchanges and DeFi platforms coincides with this hack. According to a blockchain analysis firm, Chainalysis, more than $2.5 billion was lost in the first half of 2025 alone due to crypto hacks and exploits.
Crypto Hacks Hit $2.1B in H1 2025, TRM Labs Cites Surge in State-Sponsored Crime