SlowMist CISO @im23pds posted on the X platform: "The root cause of the GMX attack is that GMX v1 immediately updates the global average short price when processing short positions, and this global average price will directly affect the calculation of the total asset size (AUM), which in turn leads to the manipulation of the GLP token price. The attacker exploited this design flaw by enabling the timelock.enableLeverage feature (a necessary condition for creating large short orders) when the Keeper executes the order, and successfully created a large short position to manipulate the global average price through re-entry, so as to artificially increase the GLP price in a single transaction and profit through redemption operations. [Odaily Planet Daily]

SlowMist: GMX was attacked because the GMX v1 global short average price was manipulated, and the GLP price was maliciously raised for arbitrage