GMX slumps following $40 million hack on V1 platform
|- Decentralized exchange GMX confirmed that its V1 platform on the Arbitrum network suffered a $40 million hack on Wednesday.
- The exchange has halted trading on its V1 platform to prevent further attacks.
- GMX saw a 15% decline over the past 24 hours following the exploit.
GMX experienced a double-digit decline on Wednesday after the exchange lost $40 million in an exploit targeting its V1 platform and GLP pool on Arbitrum, while its V2 platform remained unaffected.
GMX declines as hacker drains $40 million from V1 platform
Decentralized exchange GMX was the subject of a hack on Wednesday after revealing that an attacker had compromised its Arbitrum-based V1 platform and looted $40 million. The incident also affected GMX V1's liquidity provider, GLP, but left its native token, the upgraded V2 platform, other associated markets and liquidity pools unscathed.
"The exploit does not affect GMX V2, its markets, liquidity pools, or the GMX token itself. Based on the available information, the vulnerability is limited to GMX V1 and its GLP pool," GMX said in an X post on Wednesday.
The hacker bridged $9.65 million of the stolen funds to the Ethereum network and exchanged them into DAI and ETH, according to Lookonchain data. As a result, the exchange stated that it has disabled trading on GMX V1, along with minting and redeeming of GLP on both Arbitrum and Avalanche networks to prevent further attacks.
"Our primary focus is on recovery and pinpointing the root cause of the issue," GMX added.
Following the development, on-chain security firm SlowMist identified a design flaw in the exchange's architecture as the primary cause of the security breach.
SlowMist stated that the vulnerability centers around how GMX V1 handles short position operations, exposing a weakness that was ultimately exploited to manipulate token pricing and drain funds from the protocol.
"The root cause of this attack stems from GMX V1's design flaw where short position operations immediately update the global short average prices," SlowMist wrote in an X post on Wednesday.
GMX has reportedly issued a white-hat bounty offer of 10% to the exploiter, urging a "swift and ethical resolution." The team stated that if the stolen funds are returned within 48 hours, they will not pursue any further legal action.
GMX joins the list of crypto exchanges that have suffered losses from hackers in 2025. Other exchanges with similar attacks include Bybit, which lost $1.4 billion in February and Cetus DEX on Sui, which was the victim of a $220 million heist in May.
GMX is down 15% over the past 24 hours, changing hands near $12 at the time of publication.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.