According to PANews, GMX has disclosed details regarding a $40 million exploit on its V1 platform on the Arbitrum chain that occurred on July 9. The security team identified the attack as stemming from a reentrancy vulnerability in the OrderBook contract. Hackers exploited this flaw to manipulate the average price of BTC shorts, significantly inflating GLP prices for arbitrage gains.
In response, GMX has suspended related transactions on the Avalanche chain and confirmed that the V2 version remains unaffected. The company plans to disable GLP minting and redemption and establish a compensation pool as part of its corrective measures. GMX has also advised projects forked from V1 to promptly address similar vulnerabilities.
