Following the recent hack of the GMX exchange, the hacker announced their intention to return the stolen funds, beginning with the transfer of 5 million FRAX tokens. GMX had offered a 10% bounty for the return of its funds.
Promise of Fund Return
The GMX hacker posted an on-chain message stating they would return the funds 'later.' Shortly after, 5 million FRAX tokens were returned to the GMX deployer contract. Minutes later, the hacker sent back 3,000 ETH as well. All of the hacker's wallets were flagged, but this would not prevent mixing if the hacker decided to keep the funds.
Market Impact and Price Manipulation
The GMX hack caused the token's value to drop by 30%, resulting in millions in lost value. The hacker timed the conversion of funds to ETH perfectly: the $32 million in converted assets is now valued at over $35 million. This move allowed the stolen funds to be consolidated while awaiting better prices.
Addressing the Fund Restoration Issue
The GMX team traced the exploit to the order book contract. The contract had reentrancy protection, but the hacker was able to bypass it by calling an external function. Despite the incident, the GLP pool continued generating revenue, and the team is working to enhance security measures.
The GMX exchange hack highlighted serious vulnerabilities, yet by returning some funds, the hacker mitigated the impact on their victims. The GMX team is actively working to improve security to prevent similar incidents in the future.