GMX suffered a major security breach on July 9, 2025, with hackers draining approximately $42 million from its GLP liquidity provider pool on Arbitrum. Blockchain security firm Cyvers Alerts first flagged the exploit, tracing it to a Tornado Cash-funded wallet that stole assets including ETH, USDC, fsGLP, DAI, and UNI.
The GMX team immediately disabled trading, minting, and redemption functions while sending an on-chain message offering the attackers a 10% bounty if 90% of funds were returned within 48 hours. They confirmed the exploit was isolated to GMX V1, with V2 platforms and other liquidity pools unaffected. Despite this, the GMX token plunged over 35% intraday before settling at a 25% loss.
This marks GMX's second major breach in 2025 after a $13 million March hack that caused a 10% price drop. Blockchain investigator ZachXBT revealed $9.6 million had been bridged to Ethereum via Circle's CCTP during a two-hour window where funds could have been frozen, criticizing Circle for inaction. Approximately $33 million remains on Arbitrum at publication time.
