- GMX, a decentralized finance (DeFi) platform, suffered a $42 million hack linked to a software vulnerability.
- The Hacker quickly moved and exchanged stolen funds, making recovery efforts difficult.
- Circle, issuer of USDC stablecoin, faced criticism for not freezing suspicious transactions after the breach.
- Experts warn that many projects using the same code as GMX could be at risk.
- The value of the GMX token dropped about 25% following the hack.
An attack on the decentralized finance platform GMX led to a theft of approximately $42 million on July 9, 2025. The incident raised concerns due to the use of similar underlying code in many other DeFi projects, which could make them vulnerable to similar exploits.
According to CoinMarketCap, the value of the GMX token fell by about 25% after the security breach. The attack appears to have used a bug in the GMX v1 code, with security auditors at BlockSec suggesting a reentrancy vulnerability as the cause. The team at GMX stated that the exploit did not impact GMX V2, its markets, or most liquidity pools, and offered a 10% bounty for the return of stolen funds through an on-chain message.
The hacker quickly moved millions in stolen USDC stablecoins from the Arbitrum blockchain to Ethereum. They then exchanged the USDC for DAI, another stablecoin that cannot be frozen by the issuer. Observers highlighted that Circle, the company behind USDC, missed the opportunity to freeze over $9 million in its tokens. The hacker even used Circle’s bridging tool to move $8 million USDC between blockchains before swapping for DAI. Blockchain investigator ZachXBT reported that he notified Circle staff immediately, but no action was taken. In contrast, a freeze of Tether’s USDT took place just moments after the hacker tried to use it.
Industry security experts fear that other decentralized exchanges and trading platforms that copied GMX’s code could be at risk if they have not addressed the same vulnerability. Peckshield, a blockchain security firm, cautioned that at least $28 million could be exposed across similar projects. Data from DeFiLlama shows 64 related forks, though only 13 hold more than $100,000 each.
Launched in September 2021, GMX was an early leader in on-chain crypto trading and at one point reached $700 million in total value locked (TVL). After the hack, GMX issued warnings to projects that had forked its code, suggesting they disable leverage trading and token minting to limit further risk.
The team continues to monitor the situation, and security researchers advise users to withdraw funds from any platform based on the affected version of the GMX code. More background on the attack and its impacts can be found through provided source links and DeFiLlama statistics.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Senators Target Crypto Bill Loopholes, Warn of President Abuse
- GMX Exploited for $42M; Trading Halted as Investigation Ongoing
- Ripple Picks BNY Mellon to Custody RLUSD as Cap Hits $500 Million
- Crypto Traders Mull Lawsuit After $242M Polymarket Suit Controversy
- Remixpoint Raises $215M to Expand Bitcoin Treasury Holdings
