SlowMist: The core reason for the GMX attack is that the global short average price of GMX v1 can be manipulated, causing the GLP price to be maliciously inflated for arbitrage.

Blockbeats

10 Jul

BlockBeats News, July 10th, Slowmist CISO @im23pds tweeted that "The root cause of the GMX attack is that GMX v1 immediately updates the global short position average price when handling short positions. This global average price directly affects the calculation of the total asset under management (AUM), leading to the manipulation of the GLP token price.

The attacker exploited this design flaw by using a Keeper to enable the timelock.enableLeverage feature when executing orders (a necessary condition to create a large short position). Through reentrancy, they successfully created a large short position to manipulate the global average price, artificially raising the GLP price in a single transaction and profiting through redemption.

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

1
2
3
4
5
6
7
8
9
10

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2550652609"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2550652609\",edition:\"fundamental\",,,undefined,":{"share":"https://ttm.financial/m/news/2550652609?lang=en_US&edition=fundamental","thumbnail":"","is_english":true,"pubTime":"2025-07-10 00:54","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2550652609","market":"us","top_or_hot":-1,"title":"SlowMist: The core reason for the GMX attack is that the global short average price of GMX v1 can be manipulated, causing the GLP price to be maliciously inflated for arbitrage.","media":"Blockbeats","content":"<html><body><div><p>BlockBeats News, July 10th, Slowmist CISO @im23pds tweeted that \"The root cause of the GMX attack is that GMX v1 immediately updates the global short position average price when handling short positions. This global average price directly affects the calculation of the total asset under management (AUM), leading to the manipulation of the GLP token price.</p><p>The attacker exploited this design flaw by using a Keeper to enable the timelock.enableLeverage feature when executing orders (a necessary condition to create a large short position). Through reentrancy, they successfully created a large short position to manipulate the global average price, artificially raising the GLP price in a single transaction and profiting through redemption.</p></div></body></html>","source":"theblockbeats_live","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>SlowMist: The core reason for the GMX attack is that the global short average price of GMX v1 can be manipulated, causing the GLP price to be maliciously inflated for arbitrage.</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nSlowMist: The core reason for the GMX attack is that the global short average price of GMX v1 can be manipulated, causing the GLP price to be maliciously inflated for arbitrage.\n</h2>\n\n<h4 class=\"meta\">\n\n\n2025-07-10 00:54 GMT+8&nbsp;&nbsp;&nbsp;<a href=https://www.theblockbeats.info//en/flash/301932><strong>Blockbeats</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>BlockBeats News, July 10th, Slowmist CISO @im23pds tweeted that \"The root cause of the GMX attack is that GMX v1 immediately updates the global short position average price when handling short ...</p>\n\n<a href=\"https://www.theblockbeats.info//en/flash/301932\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":null,"symbol_name":null,"start_time":0,"source_url":"https://www.theblockbeats.info//en/flash/301932","article_id":"2550652609","we_media_id":null,"thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2550652609","pubTimestamp":1752080040,"columns":[],"sourceInfo":{"source_id":"theblockbeats_live","name":"Blockbeats快讯"},"weMediaInfo":null,"summary":"BlockBeats News, July 10th, Slowmist CISO @im23pds tweeted that \"The root cause of the GMX attack is that GMX v1 immediately updates the global short position average price when handling short positio","collect":0,"end_time":0,"defaultTopTitle":"theblockbeats.info","property":[],"viewcount":null,"language":"en","relate_stocks":{},"translate_title":"SlowMist：GMX攻击的核心原因是GMX v1的全球空头均价可以被操纵，导致GLP价格被恶意虚高套利。","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"CISO":1,"GLP":1},"content_text":"BlockBeats News, July 10th, Slowmist CISO @im23pds tweeted that \"The root cause of the GMX attack is that GMX v1 immediately updates the global short position average price when handling short positions. This global average price directly affects the calculation of the total asset under management (AUM), leading to the manipulation of the GLP token price.The attacker exploited this design flaw by using a Keeper to enable the timelock.enableLeverage feature when executing orders (a necessary condition to create a large short position). Through reentrancy, they successfully created a large short position to manipulate the global average price, artificially raising the GLP price in a single transaction and profiting through redemption.","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-1","news_tag":"","news_rank":0,"symbols":[],"gpt_button":1,"code":"91000000","status":"200"}}}