After falling for a phishing scam, a GMX whale lost $3.4 million in GMX, the native currency of the decentralized trading platform GMX. The tokens were then sold on the open market.
On January 3, a number of community members saw strange GMX token trades. Security firms CertiK and PeckShield later recognized the transactions as part of an exploit that took $3.4 million worth of GMX tokens from a GMX whale.
#CertiKSkynetAlert 🚨
— CertiK Alert (@CertiKAlert) January 4, 2023
We are seeing reports that an EOA holding GMX was hacked leading to loss of ~$3.5M
The stolen GMX was swapped for ETH
Funds currently located in 0x956…47946
Stay vigilant! pic.twitter.com/kRacvsFdVw
The administrator of GMX's Telegram channel verified the phishing incident and made it clear that the GMX platform itself had no security flaws.
Security analysts PeckShield estimated that the attacker sent GMX worth roughly $3.4 million to another account and traded them for Ethereum. On-chain data shows that the perpetrator started taking money out of the victim's wallet on January 3 at 7 PM UTC. These stolen assets were bridged onto the Ethereum mainnet at an address that is believed to belong to the hacker.
#PeckShieldAlert GMX official reported that a GMX whale wallet was hacked and the hacker sold ~$3M worth of $GMX
— PeckShieldAlert (@PeckShieldAlert) January 4, 2023
Currently the stolen funds sit in https://t.co/HYn2VQfAVR pic.twitter.com/3GCCZA71rG
82,519 GMX tokens were purportedly obtained by the hackers, who then exchanged them for 2,627 ETH, according to the data analysis program Lookonchain. The attackers then used the Hop and Across protocols to cross-chain the assets to the Ethereum network.
A large $GMX holder got hacked.
— Lookonchain (@lookonchain) January 4, 2023
The hacker sold the stolen 82,519 $GMX($3.4M) for 2,627 $ETH.
Then cross-chained all $ETH to the Ethereum network with Hop Protocol and Across Protocol.@LouisCooper_ @GMX_IO
Hacker addresses:https://t.co/wheBUTDJJihttps://t.co/chQflR1mMA pic.twitter.com/XFlbwuijpj
When questioned how they were certain that a hack had occurred, a moderator in the group replied that the team was in contact with the attack victim.
While the attack was occurring, the token's value dropped to below $37.8 before swiftly rebounding once more. At the time of writing, it is trading at around $41.5.
DeFi hackers were active over the holidays. On December 25, $12 million worth of digital assets were taken through a flash loan attack, wiping out Defrost Finance users. Flashloan attacks in December 2022 caused losses of about $7.6 million, up from about $5.2 million in losses in November, according to CertiK Alert.
