GMX Halts Trading After $40 Million Exploit

The GMX protocol, a decentralized exchange, was forced to halt trading on its GMX V1 platform following a significant exploit that resulted in the theft of $40 million in funds. The compromised liquidity pool, which provides liquidity providers with a basket of underlying digital assets including Bitcoin (BTC), Ether (ETH), and stablecoins, was targeted by an unknown attacker. The stolen funds were subsequently transferred to an unidentified wallet.

In response to the exploit, the GMX protocol also announced a temporary suspension of minting and redemption of GLP tokens on both the Arbitrum and Avalanche networks. This measure was taken to safeguard against any further fallout from the cybersecurity breach. Users of the platform were advised to disable leverage and adjust their settings to prevent GLP minting.

The GMX team clarified that the exploit did not affect GMX V2, its markets, or liquidity pools, nor did it impact the GMX token itself. According to the team, the vulnerability was isolated to GMX V1 and its GLP pool. Blockchain security company SlowMist attributed the exploit to a design flaw that allowed hackers to manipulate the GLP token price through the calculation of the total assets under management.

The incident highlights the ongoing challenges faced by the crypto industry in terms of security and cyber threats. Hacks and cybersecurity crimes continue to be major concerns, affecting both centralized platforms and decentralized exchanges. These incidents have resulted in billions of dollars in cumulative losses and have deterred new participants from adopting crypto due to the fear of being targeted by sophisticated threat actors.

The GMX exploit is part of a broader trend of cybersecurity breaches in the crypto industry. In the first half of 2025, losses from crypto hacks reached significant levels, with major incidents such as the Bybit hack in February resulting in substantial financial losses. In June, the Iranian crypto exchange Nobitex was targeted by a pro-Israeli hacker group, leading to over $81 million in losses and a temporary pause in services.

The United States Treasury’s Office of Foreign Assets Control (OFAC) also announced sanctions on Song Kum Hyok, a group of North Korea state-affiliated hackers, who have been involved in infiltrating several crypto companies and defense contracting businesses. These hackers have employed both social engineering scams and cybersecurity breaches to exploit organizations from within.

The GMX exploit underscores the need for enhanced security measures and vigilance within the crypto industry. As decentralized exchanges and other crypto platforms continue to evolve, it is crucial for developers and users alike to prioritize security to protect against such vulnerabilities and ensure the integrity of the ecosystem.