In January 2022, a user of the decentralized GMX cryptocurrency exchange was the victim of a hack.  The attacker drained approximately $3.5 million in tokens from the whale’s account.

Inside the Attack

On January 3, 2022, transactions moving large volumes of GMX tokens were discovered as the attacker drained value from the whale’s wallet.  Further investigation determined that only a single account was impacted, making the likely cause of the theft a compromised private key.  After stealing the tokens, the attacker exchanged them for ETH and used a cross-chain bridge to move them to the Ethereum blockchain.

This hack was one of several against high-profile crypto users within the space of a week.  Between December 31 and January 3rd, Luke Dashjr and Nikhil Goplani also reported that they were the victims of attacks that drained varying amounts of cryptocurrency from their blockchain accounts.

Lessons Learned From the Attack

Phishing attacks are a common technique used by cybercriminals to gain access to blockchain wallets and drain value from users’ accounts.  To learn more about the main threats to wallet security and best practices for protecting against them, check out our blog on the Top 10 Ways to Secure Your Crypto Wallet.

Explained: The GMX Whale Hack (January 2022)
Rob Behnke