GMX suffers $42M hack, issues 10% bounty offer to hacker

A major security incident struck the decentralized exchange GMX, siphoning approximately $42 million from its Arbitrum-based v1 perpetual platform.

In response, GMX has sent an on-chain message to the hacker offering a 10% white-hat bounty.

The platform stated that no legal action will be pursued if the remaining funds are returned within 48 hours. This move mirrors common damage control tactics used by DeFi protocols facing major exploits.

Following the attack, the platform’s token dropped 17% to a two-month low of $11.7 as of press time.

Launched in 2021, GMX is available across major blockchain networks including Solana, Avalanche, and Arbitrum.

According to official metrics, the platform has processed over $305 billion in trading volume and collected more than $435 million in fees.

The Exploit

On July 9, blockchain security firm Cyvers reported that the exploit originated from a malicious smart contract deployed by an address funded through Tornado Cash, an Ethereum-based privacy tool often used to obfuscate transactions.

According to Cyvers, the attacker targeted a range of assets, including ETH, USDC, fsGLP, DAI, UNI, FRAX, USDT, WETH, and LINK.

Blockchain data reveals that about $9.6 million has already been bridged to Ethereum’s mainnet, while the remaining funds remain on the Arbitrum network.

On-chain analysts pointed out that the attacker carried out the hack by minting GLP tokens and redeeming them for high-value digital assets, which were later converted to ETH.

Circle under fire

Meanwhile, security experts have criticized Circle, the issuer of USDC, for its slow response to the incident.

Crypto analyst Ultra pointed out that the exploiter held $30 million in USDC at one point and continued to swap other tokens into the stablecoin without being blacklisted. Even an hour after the attack, $4.3 million in USDC remained untouched in the exploiter’s wallet.

The attacker has since shifted the USDC into DAI, a decentralized stablecoin on Ethereum.

This complaint mirrors similar issues prominent investigator ZachXBT has raised about Circle’s recurring delays in freezing suspicious funds.

The post GMX suffers $42M hack, issues 10% bounty offer to hacker appeared first on CryptoSlate.

The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.