On July 9, 2025, the decentralized platform GMX was hacked, and $42 million was stolen from its GLP liquidity pool on Arbitrum.
Incident Overview
The attacker exploited a reentrancy vulnerability to mint unauthorized GLP tokens and drain assets such as ETH, LINK, UNI, DAI, USDC, FRAX, and WBTC. This event highlights vulnerabilities within the decentralized finance (DeFi) security framework.
ClockSwap's Role in Money Laundering
The attacker used flash loans to manipulate GMX's GLP pool, extracting $32 million from Arbitrum and bridging $9.6 million to Ethereum. They converted $9.75 million in USDC and $1.34 million in DAI into ETH via ClockSwap, leveraging the platform's decentralized nature to obscure the funds' trail. ClockSwap's involvement has raised concerns about the security of such platforms.
GMX's Response and Implications for DeFi
GMX halted V1 trading and disabled GLP minting and redemption on Arbitrum and Avalanche to limit further losses. The team offered a 10% white-hat bounty ($4.2 million) if 90% of the funds were returned within 48 hours. Following the hack, GMX's token price dropped over 20% to $11.11. The exploit underscores ongoing security challenges within DeFi, particularly smart contract vulnerabilities and cross-chain risks.
The GMX incident raises important questions about security and vulnerabilities within the DeFi ecosystem, especially given the rapid growth of decentralized platforms. The community awaits further updates on fund recovery and ClockSwap's response.