GMX Exploiter Begins Refunding After $40M Hack, Token Soars
GMX Exploiter Recovers $40M in Days After Hack, Token Price Soars
This week, attackers exploited a re-entry vulnerability in the OrderBook contract, allowing them to manipulate short positions in BTC, increase the price of GLP, and buy it back for a significant profit.
Shaurya Malwa | Edited by Oliver Knight Updated 11 July 2025, 16:46 Published 11 July 2025, 10:41
Key facts:
- The attacker who stole more than $40 million from GMX V1 contracts has begun returning funds, indicating that he has accepted a $5 million bounty from “white hat hackers.”
- Initially, over $10.5 million in FRAX tokens were returned to the GMX developer wallet, with the remaining amount sent shortly thereafter.
- The hack occurred due to a re-entry error in the OrderBook GMX contract, which resulted in the suspension of trading and V1 token issuance on the Arbitrum and Avalanche platforms.
The attacker who stole more than $40 million from GMX V1 contracts earlier this week has begun returning the funds, implying he has agreed to accept a $5 million extortion bounty on the project.
The first sign of this happening came on Friday, when a message was posted online: “okay, the funds will be returned later.”
