GMX Hacker Returns $20 Million After $5 Million Bounty Offer

On Wednesday, GMX v1, a decentralized perpetual trading platform on Arbitrum, was exploited through a design flaw that allowed the attacker to manipulate the value of GLP tokens and drain liquidity. The attacker initially made off with $40 million in various coins. However, hours later, blockchain security firm PeckShield flagged an on-chain message from the exploiter: “Ok, funds will be returned later.” Shortly after, funds started flowing back to the address specified by GMX.

So far, approximately $20 million has been returned, including $9 million in ETH and over $10 million in FRAX tokens across two separate transfers. The GMX team publicly acknowledged the hacker’s technical prowess and offered a $5 million white hat bounty in exchange for the safe return of the assets. The bounty, close to 10% of the stolen funds, came with no strings attached, allowing the hacker to spend it freely and legally, with assistance from GMX to prove its source if needed.

In a message sent on-chain, GMX also warned the attacker that legal proceedings would begin within 48 hours if the funds weren’t returned. The combination of incentives and pressure appears to have worked. This partial recovery is a win for the GMX protocol and its users, though questions remain around the exploit’s root cause and whether more funds will be returned. Still, the use of a white hat bounty, rather than law enforcement alone, shows a growing trend in decentralized security negotiations.

As DeFi platforms grow in size and complexity, bounties and on-chain diplomacy may play an increasingly important role in managing risks and damage control. This approach not only helps in recovering stolen assets but also fosters a sense of community and trust within the DeFi ecosystem. The hacker behind the $40 million GMX exploit has begun returning the stolen crypto after accepting a $5 million white hat bounty offered by the GMX team. The hacker who stole $40 million from GMX has started returning the funds after accepting a $5 million white hat bounty. So far, about $20 million has been returned in ETH and FRAX tokens following on-chain messages from the hacker. GMX offered 10% of the stolen funds as a bounty and warned of legal action if the rest isn’t returned within 48 hours.