GMX Hacker Accepts Bounty, Returns $40M Stolen Funds

The hacker behind the exploit on the decentralized exchange GMX has returned the stolen funds, indicating that he has accepted the project’s 10% bounty offer. 

Recall that the protocol gave the attacker 48 hours to respond to their offer. If the attacker fails to comply, they plan to explore legal options to recover the assets. 

GMX Hacker Escapes Legal Consequences

In an X post, the blockchain-security firm PeckShieldAlert announced that the hacker has returned $40 million worth of stolen assets. The funds were sent to the GMX Security Committee Multisig address. 

#PeckShieldAlert #GMX Exploiter has returned a total of $37.5M worth of cryptos, including ~9K $ETH & 10.5M $FRAX to the #GMX Security Committee Multisig address pic.twitter.com/yBar1dp0Is

— PeckShieldAlert (@PeckShieldAlert) July 11, 2025

According to on-chain data, the returned funds included 10,000 ETH worth over $30 million and 10.5 million FRAX valued at approximately $10.5 million. 

GMX Security Breach

On July 9, GMX was hit by a $40 million exploit, which targeted its V1 smart contracts that underpin the GLP pool (liquidity pool). The attacker siphoned off assets including legacy FRAX, wBTC, DAI, USDC, and more. According to GMX, the breach did not affect GMX V2 or its native token. The team responded swiftly by suspending trading and GLP minting and redemption on Arbitrum and Avalanche to prevent further damage.

Additionally, they released guidelines for GMX V1 forks to reduce similar vulnerabilities. They will also initiate a DAO-level discussion to explore additional reimbursement options. GMX noted that the remaining funds will be allocated for reimbursement, and affected users will be able to close their positions. 

Despite the project’s assurances that the native token was unaffected by the breach, the asset dropped more than 18% following the incident. Moreover, the protocol proposed a 10% white-hat bounty to the hacker if the stolen assets are returned within 48 hours. 

Fast forward to today, and the hacker has accepted the project’s bounty proposal, returning 10% of the stolen funds. Following this action, GMX’s native token has begun to recover. According to market data, the token has experienced a significant price uptick of 13.6% in the last 24 hours. It changes at $13.17 at the time of writing. Earlier this year, the attacker behind the hack on the decentralized protocol KiloEx returned all of the stolen funds. Similar to GMX, the platform also offered the hacker a 10% bounty.

The post GMX Hacker Accepts Bounty, Returns $40M Stolen Funds appeared first on Cointab.