The GMX platform exploiter returns $40 million after accepting a $5 million bounty
The exploiter of the decentralized trading platform "GMX" has returned at least $40.5 million in digital assets that were stolen during an attack that occurred on July 9, after exploiting a vulnerability in the smart contracts of the "GMX V1" platform.
According to an analysis by "PeckShield", the returned assets included ETH and FRAX tokens, with $10.49 million of FRAX returned first, followed by $32 million in Ethereum, which was later valued at $35 million due to the rise in ETH price.
#PeckShieldAlert #GMX Exploiter has returned another 1K $ETH (worth ~$3M) to the #GMX Security Committee Multisig address
The #GMX Security Committee Multisig address currently holds a total of $40.5M worth of cryptos, including ~10K $ETH & 10.5M $FRAX pic.twitter.com/kHmuae59QU
— PeckShieldAlert (@PeckShieldAlert) July 11, 2025
The exploiter kept the price difference as a bounty under GMX's "voluntary acceptance" offer, which included a promise not to take legal action in exchange for returning the funds within 48 hours.
The incident resulting from the re-entry attack did not affect the "GMX V2" protocol, which does not have the same security flaw.
After the incident, the team raised the minting limits on V2, while the price of GMX rose by more than 13% following the restoration of confidence.
