The hacker behind the recent attack on decentralized perpetual exchange GMX has begun returning a portion of the stolen funds, according to on-chain data and statements from the protocol’s team.
Exploit and Negotiations
The exploit, which occurred earlier this month, resulted in the theft of approximately $3.4 million from GMX liquidity pools. The attacker used a sophisticated price manipulation strategy to drain funds, sparking outrage and concern across the DeFi community.
Since then, GMX developers have engaged in negotiations with the exploiter, offering a bounty in exchange for the return of the stolen assets and information about the vulnerability.
Funds Returned
As of today, blockchain data shows that the attacker has sent back nearly 30% of the stolen funds to GMX’s designated recovery address. The protocol’s team confirmed receipt and said discussions with the hacker are ongoing.
“We remain committed to recovering as much as possible and strengthening the platform’s defenses to prevent future incidents,” GMX wrote in a community update.
DeFi Security Concerns
The incident highlights continuing risks in the decentralized finance sector, where smart contract vulnerabilities and price manipulation attacks remain prevalent. Security experts are calling for more rigorous audits, real-time monitoring, and incentives for responsible disclosure.
Community Response
While some users welcomed the partial recovery, others expressed frustration that attackers can still dictate terms in exchange for returning stolen funds. Nonetheless, GMX’s ability to reestablish dialogue and retrieve a portion of assets is seen as a small but positive outcome.
GMX has pledged to publish a full post-mortem once negotiatio
