Slow Mist: GMX stolen GLP prices manipulated, attackers manipulate global average prices by creating large short positions through re-entry

BlockBeats news, on July 10th, SlowMist Cosine posted that the fundamental reason for GMX's $42 million theft last night was that GMX v1 would immediately update the global ShortAverage Prices when handling short positions, and this global average price would directly affect the calculation of total asset size (AUM), leading to manipulation of GLP token prices. Attackers exploit this design flaw by enabling the timelock.enable Leverage feature in Keeper during order execution (a necessary condition for creating large short positions), successfully creating large short positions through re-entry to manipulate the global average price, artificially raising GLP prices in a single transaction and profiting from redemption operations