A hacker responsible for stealing approximately $40 million from GMX v1 has returned $20 million of the proceeds after accepting a $5 million white hat bounty offered by the decentralized exchange.
The attack exploited a previously unidentified design flaw in a GMX v1 liquidity pool. Following the exploit, GMX proposed a $5 million bounty alongside a legal warning demanding the return of 90% of the stolen assets within 48 hours.
The hacker subsequently returned roughly $9 million worth of Ether (ETH) and $10.5 million worth of FRAX stablecoins, amounting to partial restitution totaling $20 million.
Industry figures and security analysts view the resolution as demonstrating the evolving use of structured incentive programs within decentralized finance (DeFi) to mitigate exploits. Firms such as PeckShield specifically noted GMX’s proactive strategy in addressing the security breach.
The incident highlights the increasing significance of combining bounty offers with legal frameworks to resolve major DeFi exploits.