Hacker Returns $40 Million Stolen From GMX After Negotiating Reward

The attacker has returned nearly all the funds that were stolen from the GMX protocol and accepted the $5 million reward offered by the project team.

An unidentified individual siphoned assets from the GLP pool on GMX V1 in the Arbitrum network. The breach affected USDC, FRAX, wBTC, and wETH.

The GMX team sent an on-chain message to the hacker, proposing a 10% bounty and guaranteeing no legal action would be taken if the remaining 90% were returned within 48 hours.

The hacker responded:

*“Okay, the funds will be returned later.”*

Shortly afterward, he sent two transactions of 5.5 million FRAX and 5 million FRAX to the GMX address. Later, the hacker also returned approximately 9000 ETH (around $27 million).

Following the incident, the native GMX token dropped by 28%, reaching $10.45. However, in light of the news about the returned funds, the price surged by 15.8%. As of the time of writing, the asset is trading at $13.3.

In the report regarding the hack, the team confirmed that V1 on Arbitrum was impacted by a re-entry vulnerability in the OrderBook contract. This flaw allowed the attacker to manipulate Bitcoin prices and withdraw liquidity for profit.

The developers emphasized that the second version of the protocol was not affected. In the future, minting and redeeming GLP on the Arbitrum network will be disabled. The remaining funds will be used to compensate users for their losses.

It’s worth noting that in June, the Resupply stablecoin protocol lost approximately $9.5 million in a hack, where the attacker exploited a vulnerability in the exchange rate calculation system.