On July 9, the decentralized buying and selling platform GMX suffered a significant exploit, resulting in the lack of $42 million in assorted cryptocurrencies.
Now, on-chain information reveals that the hacker has modified many of the stolen funds into 11,700 ETH.
The GMX Hack
The Wednesday incident noticed the attacker stealing over $10 million price of legacy Frax Greenback (FRAX), $9.6 million in wrapped Bitcoin (wBTC), and about $5 million in DAI stablecoin.
Following the breach, $9.6 million of the funds have been bridged to the Ethereum blockchain and exchanged into DAI and ETH, with an additional $32 million remaining on Arbitrum.
GMX confirmed the theft in a submit on X:
“The GLP pool of GMX V1 on Arbitrum has skilled an exploit. Roughly $40M in tokens has been transferred from the GLP pool to an unknown pockets.”
Nonetheless, in keeping with blockchain analytics platform Lookonchain, the dangerous actor has now exchanged all of the stolen property, besides FRAX, into 11,700 ETH, which they then despatched to 4 new wallets.
The protocol had earlier clarified that GMX V2, its markets, liquidity swimming pools, and the GMX token weren’t affected. It additionally introduced a brief pause on GLP token minting and redemption on each Arbitrum and Avalanche to stop additional impression and safe funds. Its customers have been later advised to disable leverage and replace their settings to dam additional GLP minting.
Moreover, GMX despatched an on-chain message to the hacker, providing a white-hat bounty price $4.2 million. The proposal additionally promised there can be no authorized penalties if the wrongdoer returned the remaining 90% inside 48 hours. Thus far, they haven’t responded.
A Re-Entrancy Exploit
A full postmortem report has not but been launched. Nonetheless, blockchain safety agency SlowMist has attributed the breach to a design flaw in GMX V1. The vulnerability enabled the exploiter to control the GLP token value by interfering with the system’s calculation of complete property below administration.
SlowMist defined that they used a operate that permits leverage throughout order execution and carried out a re-entrancy assault. These enable repeated calls inside one operate, inflicting a sensible contract to calculate the unsuitable steadiness.
By opening giant brief positions in a single transaction, the legal was capable of manipulate the worldwide value information. This motion artificially inflated the GLP token value and revenue by way of redemption.
Hacks and cybersecurity assaults stay a significant problem within the crypto business. A current CertiK report revealed that over $801.3 million was misplaced throughout 144 incidents in Q2 2025. Phishing was probably the most damaging, with $395 million stolen in 52 exploits. Code vulnerabilities adopted carefully, inflicting $235.8 million in losses throughout 47 instances.
The submit GMX Hacker Converts Stolen Loot into 11,700 ETH appeared first on CryptoPotato.