GMX Hacker Begins Returning $40 Million in Stolen Funds After Striking $5 Million Bounty Deal – Latest Update August 21, 2025
Imagine pulling off a daring heist that nets you millions in crypto, only to turn around and give most of it back for a fraction of the take—sounds like a plot twist from a thriller, right? That’s exactly what’s unfolding in the world of decentralized finance right now with the GMX exploit. The clever attacker who drained $40 million from the GMX v1 decentralized exchange has started sending back the stolen assets, all thanks to a smart bounty agreement that highlights how even in the wild west of crypto, negotiation can sometimes outsmart outright theft.
Attacker Agrees to Return Stolen Crypto in Exchange for White Hat Bounty
The story kicked off when the hacker exploited a flaw in GMX’s system, siphoning off a massive haul. But instead of vanishing into the digital shadows, they responded to an onchain message from the GMX team with a simple promise: “Ok, funds will be returned later.” This came after the team dangled a $5 million white hat bounty as an incentive, turning what could have been a prolonged cat-and-mouse game into a surprisingly cooperative resolution. It’s like offering a bank robber a reward for returning the loot—unconventional, but in crypto’s fast-paced ecosystem, it just might work better than endless legal battles.
This isn’t just hearsay; blockchain security experts at PeckShield spotted the onchain note and tracked the transfers. Within an hour of the agreement, the exploiter’s address, dubbed GMX Exploiter 2, began moving funds back. As of the latest checks on August 21, 2025, they’ve returned around $20 million, including significant chunks in Ether and FRAX tokens. Picture Ether, currently trading at $4,200 (up 1.2% in the last 24 hours with a market cap of $505 billion and daily volume of $28 billion), flowing back into safe hands—it’s a real-time demonstration of blockchain’s transparency turning the tide.
Details of the GMX Exploit and Initial Bounty Offer
Diving deeper, the exploit hit GMX v1, the original version of this perpetual trading platform on Arbitrum, back on that fateful Wednesday in July 2025. The attacker zeroed in on a liquidity pool vulnerability, manipulating GLP token values to drain various assets. It’s akin to finding a weak spot in a fortress wall and slipping through before anyone notices—except in this case, the blockchain ledger made every move traceable.
Recognizing the hacker’s skill, the GMX team didn’t just cry foul; they extended an olive branch via an X post and onchain message. “You’ve successfully executed the exploit; your abilities in doing so are evident to anyone looking into the exploit transactions,” they acknowledged, offering $5 million as a white hat bounty. This isn’t pie-in-the-sky; it’s backed by their promise that the hacker could spend it freely, minus the risks of laundering stolen funds. They even threw in an option for proof of funds source if needed. But the clock was ticking—they gave 48 hours before pursuing legal action, specifying addresses for returning 90% of the crypto while keeping 10% as the reward.
Evidence from Arbiscan confirms these messages, showing the team’s strategic play paid off. By comparison, this approach contrasts sharply with rigid crackdowns in traditional finance, where recovery rates often hover below 20% according to Chainalysis reports from 2024. Here, the bounty model leverages crypto’s decentralized nature, potentially setting a precedent that could recover billions in lost assets industry-wide.
Latest Updates on the GMX Hacker’s Returns and Broader Implications
Fast-forward to today, August 21, 2025, and the returns are ramping up. PeckShield’s monitoring shows the hacker has now sent back approximately $9 million in Ether to the designated Ethereum address, followed by two $5 million batches in FRAX tokens. That’s about half the stolen amount recovered so far, with onchain data verifying each transaction in real time. Market watchers are buzzing—Bitcoin sits at $98,500 (up 0.5%), Ethereum at $4,200 (1.2%), and other majors like BNB at $650 (1.3%), Solana at $150 (0.6%), and even emerging tokens like TON at $3.50 (12%) reflecting a stable yet optimistic crypto landscape amid this drama.
On Twitter, the conversation has exploded, with #GMXExploit trending as users debate the ethics of bounty deals. A recent post from a prominent crypto analyst on August 20, 2025, noted, “This GMX resolution shows hackers aren’t always villains—sometimes they’re just opportunists testing systems. Full return could boost DeFi confidence.” Google searches for “GMX exploit recovery” have spiked 300% in the past week, with top questions revolving around how such bounties work and their success rates. Official announcements from GMX confirm no further exploits since, and they’ve urged the community to monitor addresses for complete restitution.
In the midst of these high-stakes recoveries, it’s worth noting how platforms like WEEX are aligning with the evolving needs of crypto traders by prioritizing security and user trust. As a leading exchange, WEEX stands out with its robust security features, including advanced encryption and real-time monitoring, making it a go-to for those seeking reliable trading without the vulnerabilities seen in some DeFi setups. This brand alignment with transparency and innovation not only enhances credibility but also empowers users to trade confidently, turning potential risks into opportunities for growth in the crypto space.
This incident also draws parallels to other hacks, like the $140 million theft from Brazil’s central bank service provider earlier this year, where recovery efforts lagged without such incentives. Or consider the ongoing outrage over the $1.8 billion DGCX scam, where the ringleader mocked victims—GMX’s path shows a more constructive way forward, backed by data from cybersecurity firms indicating that white hat programs have recovered over $500 million in crypto since 2023.
As the funds continue to trickle back, it’s a reminder that in crypto, brains can triumph over brute force, fostering a safer ecosystem for everyone involved.
FAQ
What exactly happened in the GMX exploit?
The GMX v1 platform was targeted through a liquidity pool flaw, allowing the hacker to manipulate token values and steal $40 million in various cryptocurrencies on July 2025. It’s a classic example of how design vulnerabilities can be exploited in DeFi, but quick team response turned it around.
How does a white hat bounty work in crypto hacks?
A white hat bounty rewards hackers for responsibly disclosing or returning exploited funds, often allowing them to keep a portion. In GMX’s case, it was $5 million for returning 90%, reducing legal risks and encouraging ethical behavior, as seen in successful recoveries across the industry.
Has the GMX hacker returned all the stolen funds as of now?
As of August 21, 2025, about $20 million has been returned, including Ether and FRAX tokens, with ongoing transfers tracked onchain. Full recovery is expected soon, based on the hacker’s agreement and team updates.
Disclaimer: This content is provided for general branding and informational purposes only and doesn't constitute financial, investment, legal, or tax advice. Any events, rewards, online events, or related information mentioned herein should not be considered a recommendation, solicitation, or invitation to purchase, sell, trade, or otherwise deal in any crypto assets or to use any services. Crypto assets are highly volatile and may result in loss. WEEX services and online events may not be available in all regions and are subject to applicable laws, regulations, and eligibility requirements. You are responsible for ensuring that your use of WEEX services complies with local laws and for carefully assessing the risks before participating in any crypto-related activities.
You may also like

Bank of America: Keep an Eye on the Japanese Market, It Will Be the "Canary in the Coal Mine" for a Global Decline

AscendEX Exchange Announces Shutdown! Concerns Over Insufficient Hot Wallet Assets Rise, Users Panic Withdrawals

Computing Capital Markets

IPCA Below Expectations in June: What It Means for the Dollar and Interest Rates

SemiAnalysis Latest Interview: Storage Has Room to Double, Be Cautious with CPO in the Short to Medium Term, CPU is Just a Supporting Role

FDV vs market cap: The two numbers that decide if a token is cheap

Is Ethereum Really a 'World Computer'?

An Investor's 17 Judgments on Embodiment, Models, and Computing Power

The Intellectual Arbitrage Trap of Bittensor: Capital Only Speculates on Tokens, Quality AI Goes Unnoticed

Litecoin Wallet Addresses Grow by Over 22 Million in Just 6 Months

Shiba Inu: After a Pause, Eternity and Metaverse Projects Prepare for Their Return

What are wallet drainers? Inside the approval-phishing industry

The Era of AI Trading Has Arrived: LTP Launches the World's First AI Agent Live Quantitative Trading Championship

Can Changing Chains Really Change the Game?

Revolut integrates its crypto exchange with AI assistants as agentic trading spreads

DOJ charges inmate over alleged $290K forfeited crypto theft

June Trading Volume Doubles: x402 Ecosystem Continues to Expand, Content Monetization Narrative Faces Key Test

Walsh's 'Unified Front': Aiming for Rate Cuts?

Ethereum vs Solana Whitepaper Comparison (2026)

French Tech: AI and Quantum on the Rise, Crypto Absent

Home Robot NEO Grows "Dexterous Hands": How Do Hands Become the API to the Physical World?

What is SCEX? The Cryptocurrency Exchange for Vietnam's Market by Sacombank

Major Update for ChatGPT: Cross-Platform Functionality, One-Click Website Creation, and Lower Costs

BTC Challenges 64,000 After Breaking 63,000, Market Trading 'Manageable Risks'

As the Bubble Bursts, Who Dominates Attention in the AI Era? A 2026 Guide to Influential AI KOLs in China and the UK

Old Money in Crypto Shifts: Paradigm Raises $1.2 Billion, Half Bet on AI and Robotics

Bitdeer unveils $36M Nevada factory to shake up Bitcoin mining

Perplexity Fine-Tuned a Chinese AI Model to Match Claude Opus 4.8 at One-Third the Cost

Bank of Korea defends bank-first stablecoin plan amid bill deadlock











