Hackers have started the year with another exploit, with several million being taken from a whale holding large amounts of decentralized finance (DeFi) protocol GMX’s native token.
On Jan. 3, various community members spotted suspicious movements of GMX tokens. Following this, security firms CertiK and PeckShield flagged the transactions as an exploit that drained $3.4 million worth of GMX tokens from a GMX whale.
According to data analysis platform Lookonchain, the hackers took control of 82,519 GMX tokens and exchanged the assets for 2,627 Ether (ETH). Then, the attackers cross-chained the assets to the Ethereum network using Hop Protocol and Across Protocol.
As the hack happened, the token’s value dropped to $38 before recovering shortly. At the time of writing, GMX trades at around $41. This sudden price drop may have been caused by the hack alarming community members. One user tweeted:
What just happened to #gmx ?#crypto #blockchain #btc #eth #sol #playtoearn #Metaverse pic.twitter.com/ivHqgYPDu9
— Crypto News Today (@Crypto_news2021) January 3, 2023
As some community members observed the hack’s effect through the charts, comments on the negative side of self custody were seen on social media. One Twitter user said that the event highlights “the dark side of self-custodial wallets.”
Related: Here’s how Defrost Finance plans to refund users following $12M hack
On Jan. 1, Bitcoin (BTC) core developer Luke Dashjr claimed that he lost BTC to hackers. Because of this, members of the crypto community voiced their opinions that the exploit highlights the risks that come with opting to self-custody digital assets. Various community members echoed these sentiments, saying that if a top developer didn’t secure his BTC, normal people would have no hope.
DeFi hackers have been active during the holiday season. On Dec. 25, $12 million worth of digital assets were taken through a flash loan attack, liquidating Defrost Finance users. A day later, another DeFi hack was seen, with hackers draining about $8 million from Bitkeep wallets through compromised Android Package Kits (APKs).