GMX Trading Paused After $40M Exploit
GMX confirmed that its V1 platform suffered a devastating $40 million exploit on July 9, 2025, forcing the decentralized exchange to halt all trading activities on Arbitrum. The attack targeted the platform’s GLP liquidity pool, draining Bitcoin, Ethereum, and other digital assets in a single transaction that shocked the DeFi community.
GMX V1 Exploit Drains Arbitrum Liquidity Pool
The GMX protocol halted trading on GMX V1 after a liquidity pool suffered an exploit on Wednesday, leading to $40 million in funds being stolen and sent to an unknown wallet. The attack specifically compromised the GLP (GMX Liquidity Provider) token pool on the Arbitrum network, the backbone of the exchange’s trading operations.
In response, GMX V1 trading was disabled, alongside the minting and redeeming of GMX’s GLP token on Arbitrum. The immediate suspension of these core functions demonstrates the severity of the security breach and the platform’s commitment to preventing further losses.
Technical Breakdown of the $40 Million Attack
The root cause of this attack stems from GMX V1’s design flaw, where short position operations immediately update the global short average prices, directly impacting the calculation of Assets Under Management (AUM), thereby allowing manipulation. Security firm SlowMist identified this critical vulnerability in the platform’s architecture.
Through a reentrancy attack, they manipulated the GLP token pricing by exploiting how short position operations immediately update the global short average prices, which then impact the calculation of the assets under management. This sophisticated attack vector allowed the exploiter to drain the liquidity pool while manipulating token valuations.
The attacker leveraged this design flaw to artificially inflate GLP token prices, enabling them to withdraw significantly more assets than their actual contributions warranted. This type of economic attack highlights the complexity of DeFi protocols and the potential for mathematical vulnerabilities.
GMX Response and Recovery Efforts
The GMX development team has stated that an investigation is underway to determine how the exploit occurred and to identify the underlying vulnerability. External security partners are also assisting in the investigation. The team’s rapid response demonstrates its commitment to transparency and security.
GMX issued a white-hat bounty offer of 10% to the exploiter, urging a “swift and ethical resolution”. This $4 million bounty represents a significant incentive for the attacker to return the stolen funds and work with the platform to resolve the situation.
The exchange emphasized that only its V1 platform was affected by the exploit. GMX V2 and other platform components remain operational and secure, providing some relief to users and stakeholders.
Market Impact and Price Reactions
GMX price dropped more than 20% after the $40 million exploit on GMX’s V1 platform, with bulls under pressure at $11.45. The dramatic price decline reflects investor concerns about the platform’s security and the broader implications for DeFi protocols.
The GMX exploit, alongside other attacks, indicates that 2025 is a high-risk year for crypto. This incident adds to a growing list of DeFi exploits that have plagued the cryptocurrency space, raising questions about protocol security and risk management.
The market reaction underscores the importance of robust security measures in decentralized finance. Investors and users are scrutinizing platforms’ security protocols before committing significant funds.
Conclusion
The GMX exploit serves as a stark reminder of the vulnerabilities that can exist in complex DeFi protocols. While the platform’s quick response and bounty offer show responsible handling of the crisis, the incident highlights the need for more rigorous security audits and improved protocol design. As the investigation continues, the crypto community watches closely to see how GMX will strengthen its security measures and restore user confidence.
