Thomas Daniels
The recent $40 million exploit targeting the GMX V1 decentralized perpetual exchange marks another critical cybersecurity breach within the 2025 crypto landscape. Authorities promptly suspended all trading and token minting on GMX V1 after a vulnerability in its liquidity pool was exploited on Wednesday, with stolen assets transferred to an unidentified wallet.
GMX V1, the inaugural iteration of the GMX perpetual exchange hosted on Arbitrum, manages a diversified asset pool comprising Bitcoin, Ether, and several stablecoins—assets controlled by liquidity providers to underpin GLP token issuance. The hack prompted an immediate freeze on minting and redemption of GLP tokens, not only on Arbitrum but also on Avalanche’s mainnet, as a precaution against cascading losses.
Platform users were directed to deactivate leverage and disable GLP minting settings to mitigate additional exposure. Importantly, GMX clarified that the breach was strictly confined to V1, its GLP pool, and related markets—neither affecting GMX V2, GMX token holders, nor other liquidity reserves.
Blockchain security auditor SlowMist identified a design flaw linked to GLP’s valuation model. The exploit leveraged this weakness by artificially manipulating the token’s price via miscalculated total assets under management, triggering withdrawals that drained liquidity.
This incident highlights the escalating frequency and sophistication of crypto attacks affecting both centralized platforms and decentralized protocols. According to recent data, cumulative losses from such hacks reached approximately $2.5 billion in the first half of 2025. Earlier in the year, the Bybit breach alone accounted for an estimated $1.4 billion in stolen assets.
More recently, the Iranian crypto exchange Nobitex fell victim to a June cyberattack allegedly orchestrated by the pro-Israeli hacking collective Gonjeshke Darande, resulting in over $81 million in losses and a temporary service shutdown.
In parallel, U.S. Treasury sanctions were imposed this Wednesday on North Korea–linked hacking cell Song Kum Hyok, credited with infiltrating multiple crypto and defense-sector entities. The group reportedly employed a combination of social engineering techniques and cyber-espionage to compromise organizations from within.
