According to Cyvers and Lookonchain, the attacker used a malicious contract funded through Tornado Cash to obscure the origin of the exploit.
Quote
Sources
Crypto hackers lift $42m from GMX’s Arbitrum liquidity pool in broad daylight
Referenced by
The GMX exploit attacker used a Tornado Cash-funded contract to obscure the origin of the exploit.
Crypto news
Claim
