GMX: $40 million attack stems from reentrancy vulnerability in OrderBook contract By: PANews 2025/07/10 23:53

PANews reported on July 10 that GMX officially disclosed the reasons and follow-up measures for the attack of about $40 million on the Arbitrum chain on July 9 on GMX V1. According to the analysis of the security team, the attack originated from the reentrancy vulnerability of the OrderBook contract. The hacker used the vulnerability to manipulate the average price of BTC short positions, thereby significantly raising the price of GLP and arbitrage. The official has suspended transactions related to the Avalanche chain, confirmed that the V2 version is not affected, and will take measures such as disabling GLP casting and redemption and setting up a compensation pool. GMX reminds V1 fork projects to promptly repair similar risks.