GMX Exploit Hands Hacker a $5 Million “Bounty” Following $40 Million Heist

by admin

GMX Hack: All Stolen Funds Returned, Attacker Retains $5 Million Bounty

In an unexpected turn of events, the hacker responsible for the recent US$40 million hack of the decentralised exchange GMX has returned the full amount stolen. Slight market gains pushed the returned total to slightly more than what was initially taken. The hacker is expected to retain a US$5 million bounty under a white hat agreement established with GMX.

The breach exploited a pricing flaw within GMX v1’s GLP liquidity pool on the Arbitrum network, enabling the attacker to manipulate asset valuations and drain funds from the platform. Security firm PeckShield confirmed the return of the stolen funds, which coincided with significant market movements as Bitcoin approached new highs and Ethereum exceeded AU$4,500.

Details of the Incident

The hack targeted GMX’s liquidity pool by taking advantage of vulnerabilities associated with the GLP token mechanics. Blockchain data shows that the attacker manipulated value calculations to extract numerous assets from the platform.

In a proactive move, GMX issued a public statement proposing a 10% bounty on the returned funds as part of their strategy to prevent legal repercussions for the hacker. By facilitating the return, GMX sought to resolve the incident amicably while mitigating potential risks for the hacker. This offer apparently influenced the attacker to comply, as the recovered funds were subsequently transferred to a security-controlled GMX wallet.

Following these events, GMX published a comprehensive post-mortem on the incident. This report included details of the reentrancy flaw that impacted GLP pricing and described ongoing efforts to enhance security and prevent future occurrences. Since the return of the funds, there have been no further communications from the hacker.

GMX reiterated their commitment to the battle against vulnerabilities, stating that the $5 million bounty for white hat hackers remains available and that they are prepared to verify the legitimacy of these funds for future applications.

Conclusion

The resolution of the GMX hack illustrates the complex dynamics of the cryptocurrency ecosystem, highlighting both the risks associated with decentralised finance and the opportunities for ethical hacking to play a role in maintaining security. As the industry continues to evolve, incidents like these reinforce the importance of robust security measures and transparent responses to threats.
