GMX hack: $40M Returned, $38M Laundered via Tornado Cash
GMX hack on February 3 exposed a front-end vulnerability that let an attacker drain over $78 million from the DeFi protocol. GMX patched the UI flaw within hours and offered a 10% whitehat bounty with a 48-hour recovery deadline.
After encrypted negotiations, the GMX hack recovery saw the attacker return about $40.1 million—$9 million in ETH and $10.49 million in FRAX—to a new address. PeckShield verified these transactions. The remaining $38 million in USDC and USDT was laundered via Tornado Cash, making on-chain traceability difficult.
GMX praised the hacker’s technical skills and assured traders that recovered funds would be used safely. This incident highlights the importance of robust front-end security, rapid incident response, effective bug bounty programs, and negotiated recovery models in DeFi security.
Overall, the GMX hack underscores evolving trends in DeFi security.
Neutral
The GMX hack initially undermined trader confidence and could have triggered short-term selling of the GMX token due to security concerns. However, the swift UI patch, rapid partial fund recovery through a whitehat bounty and positive engagement with the hacker have mitigated risks. In the long term, the incident underscores the value of robust front-end security and effective bug bounty programs, which may strengthen trust in the GMX protocol. Overall, the balance between the breach impact and the successful response suggests a neutral price outlook for GMX.