- At the time of writing, the total amount returned to GMX was about $20 million.
- GMX has recognized the technical refinement of the exploit and issued a $5 million bounty to repay the funds.
- The attacker reportedly manipulated the price of the GLP token and released various crypto assets from the platform.
The attacker who exploited the vulnerability of the GMX V1 distributed exchange and stole around $40 million in cryptography, began repaying the stolen assets after accepting the bounty offered by the GMX team.
According to blockchain security company Peckshield, hackers have recognized the prize money and sent chain-on-chain messages indicating their willingness to cooperate.
“OK, the funds will be returned later,” Exploit wrote in a blockchain transaction, referring to the terms outlined by GMX for partial returns of stolen funds.
Hackers begin transferring funds
Less than an hour after the message was aired, the attackers began transferring funds to addresses specified by GMX.
Peckshield reported that about $9 million in ether (ETH) had been sent to the team.
The Ethereum address used in the transaction is labeled GMX Exploiter 2 on the blockchain tracking platform.
Peckshield also flagged two separate Frax Stablecoins, with the attacker returning $5.5 million in one deal and another $5 million.
At the time of writing, the total amount returned to GMX was approximately $20 million, representing half of the stolen assets.
The original exploit that occurred Wednesday targeted the liquidity pool of GMX V1, a permanent trading protocol deployed on the Arbitrum Layer 2 network.
The attacker reportedly emitting various crypto assets from the platform by manipulating the price of GLP tokens and exploiting the protocol’s design flaws.
GMX provided a $5 million white hat bounty
In response to the violation, GMX recognized the technical refinement of the exploit and issued a $5 million bounty to return the funds.
In a post on X (formerly Twitter), the GMX team spoke directly to the hackers and offered prizes under the “White Hat” classification.
“You’ve done the exploit well, and your ability to do so is clear to those considering trading exploits,” writes GMX. “The $5 million White Hat Bug Bonus will remain available.”
The team emphasized that the prize money is intended to eliminate legal and practical risks associated with the use of stolen cryptography.
GMX also offered to provide proof of funding if necessary, allowing the exploit to pass compliance checks or audits.
In addition to public bounty, the GMX team issued a chain ultimatum and said that if funds are not returned, legal action will be pursued within 48 hours.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
