GMX Hacker Profits 3 Million From 43 Million Heist

The recent actions of the GMX hacker have left the crypto community in a state of uncertainty and speculation. On July 9, the decentralized trading platform GMX Exchange on Arbitrum and Avalanche was targeted in a significant hack, resulting in the theft of approximately $42 million from the platform's GLP liquidity pool. The stolen tokens included USDC, WETH, WBTC, DAI, LINK, and FRAX, causing a sudden 10% decrease in the platform's token prices. The price is now trading at $13.21 with an increase of 13.38%.

The attack was detected when a suspicious wallet, starting with "0xdf3340a4…", showed an over 800% increase in balance. Blockchain security companies promptly marked this activity as suspicious, and the platform confirmed the hack on social media site X. The hacker had financed their wallet days prior using Tornado Cash, a crypto mixer commonly utilized to conceal funds, indicating a planned attack. In response, the exchange immediately shut down trading, minting, and redeeming of GLP tokens on Arbitrum and Avalanche to prevent further losses.

The hacker utilized Circle's Cross-Chain Transfer Protocol (CCTP) to transfer stolen USDC from Arbitrum to Ethereum before swapping it into DAI. This move raised questions about why Circle was not able to freeze the stolen funds in a timely manner. After remaining silent for a while, the hacker refunded $10.49 million in FRAX and received a $5 million white-hat reward provided by the platform. The agreement was meant to bring the saga to an end, but the narrative did not end there.

Before sending back the funds, the hacker had converted the remaining stolen assets of approximately $32 million into 11,700 ETH. Now, those 11,700 ETH are valued at approximately $35 million due to ETH's price increase, meaning the GMX Hacker made a profit of $3 million through the process. The community is now questioning whether the hacker will return the entire 11,700 ETH or keep the $3 million profit, raising suspicions that this white-hat transaction could be a veiled exit scam.

Up to now, only the FRAX has been returned, and the crypto world is waiting with bated breath. The hacker's next move will reveal a lot about their motivations—whether they are an ethical hacker or an opportunist. This incident has shocked the community, as the situation with ETH remains too unclear, making people restless. Was it a clever trick or honest bug-reporting? What comes next may shape how future white-hat deals are handled and whether users continue to trust the systems built around them.

The decentralized exchange GMX confirmed that an exploit had drained $43 million in funds, despite claiming robust third-party audits. The platform is now offering a 10% bounty if the attacker returns the remaining 90% within 48 hours. This incident highlights the ongoing security challenges in the crypto space, where platforms must continually adapt to protect against sophisticated attacks. The hacker's decision to return a portion of the stolen funds adds a layer of complexity to the situation, as it could be seen as an attempt to mitigate the fallout or as a strategic move to avoid further scrutiny. The community's response will be crucial in determining the hacker's motives and the potential impact on the broader crypto ecosystem.