The attacker who infiltrated the decentralized exchange (DEX) GMX v1 and stole $40 million in cryptocurrency has begun returning the stolen funds after sending an on-chain message promising to return the cryptocurrency.

In an on-chain message marked by blockchain security company PeckShield, the hacker wrote that the funds would be returned. "Okay, the funds will be returned later," the attacker wrote in the on-chain message, accepting the bounty offered by the GMX team.

About an hour later, the hacker started returning the cryptocurrency stolen from the attack. As of the time of publication, the address marked as GMX attacker 2 had returned approximately $9 million in Ether (ETH) to the Ethereum address specified by the GMX team in the on-chain message.

PeckShield's markings show that the attacker returned about $5.5 million in FRAX tokens to the GMX team. After some time, the hacker returned another $5 million in FRAX tokens to the GMX address.

As of the time of publication, approximately $20 million in assets have been returned to GMX.

Wednesday's attack targeted the liquidity pool on GMX v1, which is the first version of the perpetual trading platform deployed on Arbitrum.

The attacker exploited a design flaw to manipulate the value of the GLP token and withdrew various crypto assets from the platform.

In a post on the X platform, the GMX team acknowledged the hacker's capabilities and offered a $5 million bounty for the return of the stolen funds.

The team promised that once the funds were returned, that amount would be classified as a white hat bounty, which the hacker could use freely.

"You have successfully executed the attack; anyone looking at the attack transaction can see your capabilities in this regard," GMX wrote. "The $5 million white hat vulnerability bounty remains valid."

The GMX team stated that this would allow the hacker to eliminate the risks associated with using the stolen funds. The team even mentioned that they could provide proof of the source of funds if the hacker needed it.

On the other hand, if the hacker does not return the stolen funds, the GMX team threatened to take legal action.

In the on-chain message, the GMX team told the hacker that if the funds were not returned, they would take legal action within 48 hours.

In the message, the team stated that as long as 90% of the cryptocurrency was returned to their specified address, the hacker could keep 10% of the stolen funds as a white hat bounty reward.

Related: OpenAI faces IRS complaint for alleged tax violations

Original: “GMX Exploit Hacker Returns $40 Million in Stolen Funds”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。