On July 9, 2025, GMX, a leading decentralized perpetual futures exchange, fell victim to a $42 million hack targeting its GLP liquidity pool on Arbitrum.
Mechanism of the Hack and Role of CrowSwap
The attacker used flash loans to manipulate GMX's GLP pool, extracting $32 million from Arbitrum and bridging $9.6 million to Ethereum. On-chain data shows the hacker converted $9.75 million in USDC and $1.34 million in DAI into ETH via CrowSwap, leveraging the platform's decentralized nature to obscure the funds' trail. CrowSwap's lack of centralized oversight has drawn scrutiny regarding its role in facilitating illicit transactions.
GMX's Response to the Incident
GMX halted V1 trading and disabled GLP minting/redemption on Arbitrum and Avalanche to limit further losses. The team offered a 10% white-hat bounty ($4.2 million) if 90% of the funds are returned within 48 hours and promised a detailed post-mortem. The hack caused GMX's token price to drop over 20% to $11.11.
Implications for DeFi
The GMX exploit underscores persistent DeFi security challenges, particularly around smart contract vulnerabilities and cross-chain risks. CrowSwap's involvement amplifies concerns about decentralized exchanges' susceptibility to misuse. As investigations continue, the DeFi community awaits updates on fund recovery and CrowSwap's response to its role in the laundering process.
The incident with GMX highlights the need for improved security measures in DeFi and raises questions about the future of decentralized platforms amid their growing usage.
