A hacker who drained roughly $32 million in crypto assets from GMX earlier this week has returned the funds after the derivatives exchange offered a 10% “white-hat” bounty. GMX had given the exploiter 48 hours to comply with the proposal announced on 9 July. On-chain data show the attacker rapidly swapped nearly all of the stolen tokens for about 11,700 ether and spread the proceeds across four fresh wallets. By the morning of 11 July, the exploiter began reversing the transactions, first sending 5.49 million FRAX back to a GMX deployer address. Security firm PeckShield then recorded two transfers of roughly 3,000 ETH each—worth about $9 million apiece—to GMX’s Gnosis Safe and Security Committee wallets. Additional payments followed, and by late 11 July blockchain trackers tallied a complete reimbursement of some $40.5 million in ether and FRAX. The individual accepted the 1,700 ETH bounty attached to the offer, subsequently moving those tokens through the Tornado Cash mixing service. GMX has not yet commented publicly on the settlement, which underscores the growing use of bounties to resolve DeFi exploits without resorting to law enforcement.