Important Points

• The hacker who drained over $40 million from GMX’s contracts is now returning the funds, having accepted a $5 million white-hat bounty.
• Initial repayments include over $10.5 million in FRAX directed back to GMX’s deployer wallet, with more funds anticipated.
• The exploit took advantage of a re-entrancy flaw within GMX’s OrderBook contract, prompting a halt in V1 trading across platforms such as Arbitrum and Avalanche.

Overview of the Attack

The attacker has begun returning the funds stolen from GMX, indicating that they accepted the $5 million bounty offered for the safe return of the assets. Reports emerged earlier this week when an on-chain message indicated the intention to return funds.

Privacy-focused blockchain analytics firm PeckShield noted the transaction of $10.5 million in FRAX, which marked the start of fund reparations expected from the hacker who exploited the vulnerabilities in GMX’s platform.

As a result of this exploit, GMX paused trading, and effectively sought to limit further damages while securing a guarantee against any legal action if the funds were returned promptly. This approach seemed to have been successful, as indications suggest that the hacker is adhering to the conditions laid out by GMX.

This exploit is one of the largest in decentralized finance (DeFi) this year, marking a notable incident in a landscape grappling with security issues. The outcome of this situation highlights potential pathways for managing exploits effectively within the crypto space.