• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Tuesday, July 14, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home Crypto

GMX Exploiter Returns $40M After $42M Hack

by Anindya Paul
July 12, 2025
in Crypto
Reading Time: 3 mins read
0
GMX

Source: Coin Edition

TwitterWhatsappLinkedin

On July 9, 2025, decentralized perpetual futures platform GMX suffered a $42 million exploit. Yet, in a surprising turn, the hacker returned almost the entire haul within 48 hours—after negotiations and a bounty offer from the GMX team. The unusual outcome invites speculation about the changing nature of DeFi security, and the importance of financial disincentives in preventing long term damage.

You might also like

Strategy Bolsters Cash Reserves to $3 Billion While Holding Bitcoin Steady

Wall Street Giant Morgan Stanley Quietly Accumulates Massive Bitcoin Fortune

Trump Pushes for Landmark Crypto Bill to Honor the Late Senator Lindsey Graham

The Heist: Where $42M Went

The attack did not target GMX directly but rather the GLP liquidity pool on Arbitrum on GMX’s Version 1. The attacker was able to execute a complicated reentrancy exploit, and exploited the Global AUM to inflate both the token- and pool-value of GLP tokens. The attacker exploited information asymmetry by minting and redeeming GLP tokens at an inflated price when they withdrew GMX’s liquidity pool. The attacker drained GMX’s liquidity pool (an estimated $42 million) including stablecoins, wrapped BTC/ETH, DAI, and FRAX.

Hack to Healed: An On Chain Negotiation

Shortly after the hack, GMX published an on chain message offering a 10% white hat bounty (around $4–5 million) in exchange for full—or near-full—return of the stolen assets within 48 hours.
At 07:29 am London time on Friday, the exploiter replied via blockchain: “Ok, funds will be returned later.” And return they did—starting at 09:08 am. The hacker sent $10.4 million in stablecoins, followed by 10,000 ETH and additional assets, amounting to roughly $40.5 million.

Bounty or Ethics? A Mystery Incentive

Whether the hacker took the full 10% bounty remains unclear—but the numbers suggest a profit was made. Ether’s 14% rise in value during the window likely netted the exploiter an extra $3–5 million. By returning over 90% of the funds, the hacker avoided legal reprisals and still walked away with a tidy gain.

GMX’s Damage Control

After the exploit, GMX suspended V1 activities on both Arbitrum and Avalanche, stopped minting GLP tokens, and encouraged forked protocols to immediately address similar vulnerabilities. The GMX native token, GMX, dropped ~28% first to $10.45 but was ~14% higher again once the return was established—indicating some level of faith had been restored among investors. The Exploit Some security auditors, including SlowMist and SolidityScan, were able to conduct thorough forensic assessments. They determined that the exploit was based on calling executeDecreaseOrder() with a malicious contract. This called the fallback function and allowed reentrancy to occur when funds were refunded. The perpetrator was able to take advantage of a timing issue in the getAum() function, a lag in pricing short positions, which resulted in increasing the value of GLP redemptions. GMX has noted that Version 2 was safe, and that the token structure was also safe, because the vulnerability was only relevant in V1.

Why this is Important

  1. Unbelievably unique white hat outcome: Most DeFi hacks result in permanent losses, but in the GMX hack, the hacker’s choice to voluntarily return the funds, due to financial incentives, is only one of a few circumstances in recent times (like Euler Finance in 2023).
  2. Bugs using legacy code: While DeFi continues to improve, mature or older contracts like GMX V1 remain susceptible to new hacks. Other platforms that deployed their code via V1 urgently need to conduct audits and update their code.
  3. Maturity of a playbook for crisis: This incident provides evidence that under certain conditions, a bounty strategy is more favorable than legal recourse in regards to recovering stolen funds and limiting reputational impact.

Next Steps

GMX is working on a plan to compensate users impacted by the hack, while its governance functions are deliberating at length about how to respond. The whole DeFi ecosystem is watching. Is the DAO model for crisis management about to adopt bounties? Can this model be standardized?
This incident is a good reminder: hacks can happen, but the technical response that happens after, along with creative incentive strategies could lead to a new way to manage crisis playbooks for decentralized finance.

Tweet58SendShare16
Previous Post

Grok AI to Power Tesla Vehicles Soon, Says Elon Musk Amid Controversies and Major Updates

Next Post

How to see past stories on Facebook?

Anindya Paul

Professional content creator with strong expertise in content writing, filmmaking and social media strategy. Skilled in digital storytelling, scriptwriting, video production, sound design and graphic design - crafting compelling narratives across platforms. Known for delivering high-quality, engaging content under tight deadlines. A collaborative team player with a sharp creative instinct, adaptability to evolving trends, and a focus on impactful, results-driven communication.

Recommended For You

Strategy Bolsters Cash Reserves to $3 Billion While Holding Bitcoin Steady

by Anindya Paul
July 14, 2026
0
Strategy

For years, the corporate world has watched Strategy relentlessly accumulate digital assets. Under the guidance of Executive Chairman Michael Saylor, the company essentially wrote the playbook on transforming...

Read more

Wall Street Giant Morgan Stanley Quietly Accumulates Massive Bitcoin Fortune

by Anindya Paul
July 14, 2026
0
Morgan Stanley

The cryptocurrency market is famous for its constant ups and downs, but massive institutional investors seem to rely on a much steadier strategy. Recently, one of Wall Street's...

Read more

Trump Pushes for Landmark Crypto Bill to Honor the Late Senator Lindsey Graham

by Anindya Paul
July 14, 2026
0
CLARITY Act

President Donald Trump is leaning on the Senate to push forward a major piece of cryptocurrency legislation, framing the move as a tribute to the late Senator Lindsey...

Read more
Next Post
Facebook stories

How to see past stories on Facebook?

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?