$40 Million Crypto Heist: GMX Hacker Returns Funds for $5M Bounty, Dodges Legal Battle
A hacker who siphoned $40 million in cryptocurrency from the decentralized exchange GMX has returned nearly the entire haul in exchange for a $5 million payout. The breach ranked among the largest in DeFi history, yet events took an unexpected turn when the GMX team proposed a settlement to avert protracted legal entanglements.
Once the attack was detected, GMX reached out to the perpetrator with a straightforward proposition: surrender the stolen assets and receive a legitimate reward. Acknowledging the attacker’s technical prowess, GMX stressed that the choice between a lawful bounty and retaining illicit gains under threat of prosecution should be self-evident. The exchange also assured users that any losses would be covered from internal contingency funds.
Three days after the hack, the swap was complete. The attacker signaled compliance on-chain—“ok, funds will be returned later”—and began remitting the money in tranches of roughly $5 million. In total, about $40.5 million was restored: 10,000 ETH worth $30 million and an additional $10.5 million in FRAX tokens. GMX confirmed receipt.
The team later published a technical post-mortem outlining the vulnerability, which has now been patched. Founded in 2021, GMX claims more than 714,000 users and a cumulative trading volume of $305 billion.
Legal jeopardy for the hacker, however, is not entirely off the table. A precedent looms from 2022, when Avraham Eisenberg drained $110 million from Mango Markets. Despite returning $67 million under a private agreement, he was later prosecuted and, in 2024, convicted on multiple counts—including commodities fraud and market manipulation—and sentenced to four years and four months in prison.