Hacker of #GMX returns $40 million stolen and takes $5 million in reward!
The hacker who exploited the decentralized platform GMX, stealing $42 million on July 9, 2025, has returned approximately $40.5 million after accepting a reward of $5 million offered by the protocol as a "white hat bounty".
The attack, which took advantage of a reentrancy vulnerability in the GMX V1 OrderBook contract on Arbitrum, allowed the attacker to manipulate the price of the GLP token and drain assets such as FRAX, USDC, WBTC, and WETH.
After on-chain negotiations, the hacker began to return the funds in multiple transactions, including $10.49 million in FRAX and 11,700 ETH (valued at $35 million after a rise in the price of Ethereum), retaining a profit of $3 million and the reward, totaling about $4.5 million.