Blog

Hackers steal $3.5M worth of digital assets from GMX whale

Most Powerful Supplement Available

Hackers have started the year with another exploit, with several million being taken from a whale holding large amounts of decentralized finance (DeFi) protocol GMX’s native token. 

On Jan. 3, various community members saw suspicious movements of GMX tokens. Following this, security firms CertiK and PeckShield flagged the transactions as an exploit that drained $3.4 million worth of GMX tokens from a GMX whale.

According to data analysis platform Lookonchain, the hackers took control of 82,519 GMX tokens and exchanged the assets for 2,627 Ether (ETH). Then, the attackers cross-chained the assets to the Ethereum network using Hop Protocol and Across Protocol.

Hacker’s wallet address. Source: Etherscan

As the hack happened, the token’s value dropped to $38 before recovering shortly. At the time of writing, the token trades at around $41. This sudden price drop that may have been caused by the hack caused community members to be alarmed. One user tweeted: 

As some community members observed the hack’s effect through the charts, comments on the negative side of self custody were seen on social media. One Twitter user said that the event highlights “the dark side of self-custodial wallets.” 

Related: Here’s how Defrost Finance plans to refund users following $12M hack

On Jan. 1, Bitcoin (BTC) core developer Luke Dashjr claimed that he lost BTC to hackers. Because of this, members of the crypto community voiced their opinions that the exploit highlights the risks that come with opting to self custody digital assets. Various community members echoed sentiments saying that if a top developer didn’t secure his BTC, normal people would have no hope.

DeFi hackers have been active during the holiday season. On Dec. 25, $12 million worth of digital assets were taken through a flash loan attack, liquidating Defrost Finance users. A day after, another DeFi hack was seen, with hackers draining about $8 million from Bitkeep wallets through compromised APKs.