GMX exploit: $42M stolen, $14.3M on-chain via Arbitrum
On July 10, 2025, the GMX exploit saw attackers drain $42 million in crypto assets from the Arbitrum network by exploiting smart contract vulnerabilities. On-chain analysis by PeckShield tracked $9.6 million of the stolen funds moved to Ethereum via a bridge. Later, the exploiter transferred $14.3 million on-chain: sending 2,000 ETH (about $5.3 million) to a new Arbitrum wallet and swapping $9 million in USDC for decentralized DAI on Ethereum.
The GMX exploit underscores key DeFi security risks. Attackers leveraged Arbitrum’s low fees and high speeds to obscure large ETH moves. Converting USDC to DAI helps evade potential freezes, highlighting flash loan attacks, cross-chain tracing challenges, and centralized stablecoin vulnerabilities.
In response, GMX issued a 10% white-hat bounty to recover funds and strengthen defenses. Crypto traders should monitor DeFi security developments and adopt rigorous smart contract audits, real-time monitoring, robust bug bounty programs, and improved cross-chain tracking tools.
Bearish
In the short term, the GMX exploit is likely to exert downward pressure on GMX token prices as traders react to heightened risk and potential capital outflows. The breach undermines investor confidence in GMX’s protocol security and may trigger sell pressure. In the long term, although GMX’s 10% white-hat bounty and improved security measures could restore trust, recurring vulnerabilities in DeFi highlight ongoing risk factors. Overall, the exploit is expected to weigh on market sentiment and limit bullish momentum for GMX trading.