The decentralized exchange (DEX) GMX has suffered a hacker attack, resulting in approximately $42 million in digital asset losses. The incident drew swift attention from the crypto community, with a researcher known as DeFi Cheetah among the first to notice the suspicious outflow of funds. According to on-chain data, at the time of reporting, the hacker was transferring assets from the L2 Arbitrum solution to Ethereum. The attacker had already exchanged some USDC stablecoins for DAI. The compromised wallet also held various digital assets, including wBTC, ETH, wETH, UNI, and LINK. Assets in the hacker's wallet were tracked and reported by DeBank. GMX representatives confirmed the breach, stating that the GLP coin pool on GMX V1 in the Arbitrum network was targeted. In response, the platform took decisive action: ”Trading on GMX V1, as well as GLP issuance and redemption, has been disabled on both Arbitrum and Avalanche to prevent further attacks and protect users from additional negative consequences,” the statement said. Platform representatives emphasized that the vulnerability did not affect GMX V2, its markets, liquidity pools, or the GMX native token, reassuring users about the safety of other assets and services. Following the attack, GMX's exchange rate dropped by 17%, falling from $15 to $11.40, according to CoinGecko. This sharp decline reflected both the immediate impact of the exploit and the broader market's sensitivity to security incidents in DeFi. Key Points from the Incident Attack Impact: Approximately $42 million in assets were stolen. Detection: The suspicious activity was first flagged by DeFi Cheetah. Assets Involved: USDC, DAI, wBTC, ETH, wETH, UNI, and LINK. Immediate Response: GMX V1 trading, GLP issuance, and redemption were halted on Arbitrum and Avalanche. Scope of Vulnerability: Only GMX V1 affected; GMX V2 and other products remain secure. Market Reaction: GMX token price dropped 17% post-attack. Lessons and Takeaways This incident underscores the importance of rapid detection and transparent communication in the DeFi sector. GMX’s immediate response—disabling affected services and clarifying the scope of the vulnerability—helped contain the fallout and reassure users. The episode also highlights the ongoing challenges of securing cross-chain assets and the need for robust risk management in decentralized protocols. As the DeFi ecosystem matures, such events serve as critical reminders for both users and developers to prioritize security, monitor on-chain activity, and maintain open channels of communication during crises.
