SlowMist: The Cetus theft was caused by a mathematical overflow vulnerability.

DailyNews

PANews, May 24 - SlowMist released an analysis of the Cetus theft. At the core of the incident, the attacker carefully constructed parameters that caused an overflow while bypassing detection, and ultimately exchanged a very small amount of tokens for a huge amount of liquidity assets. By exploiting the flaw in the checked_shlw function, the attacker acquired various assets, including SUI, vSUI, and USDC, at the cost of just 1 token. The attacker transferred part of the funds (USDC, SOL, etc.) cross-chain to an EVM address through Sui Bridge and deposited 10 million USD worth of assets into Suilend; 162 million USD of the stolen funds have currently been frozen by the SUI Foundation. Cetus has fixed the vulnerability, and SlowMist recommends that developers strictly validate the boundary conditions of mathematical functions. According to previous news, Cetus confirmed that hackers stole approximately $223 million, and $162 million of the stolen funds have been frozen.
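
To make the boundary-condition recommendation concrete, the following added example (not Cetus code and not part of the original report) models a 256-bit checked shift-left by 64 of the kind the article names, once with a misplaced overflow threshold and once with the exact one. The 64-bit shift width, the function names and the flawed threshold value are assumptions chosen for illustration.

```python
# Added illustration (not Cetus code): a 256-bit "checked shift left by 64"
# modelled with Python integers, with a wrong and a correct boundary check.
U256_MASK = (1 << 256) - 1
SHIFT = 64

# n << 64 fits in 256 bits only when n < 2**192, so this is the exact boundary.
SAFE_LIMIT = 1 << (256 - SHIFT)

# Assumed flawed threshold, chosen for this example: it sits far above 2**192,
# so most overflowing inputs pass the check unflagged.
FLAWED_LIMIT = 0xFFFFFFFFFFFFFFFF << 192


def checked_shlw_flawed(n):
    """Return (result, overflowed) using the too-high threshold."""
    if n > FLAWED_LIMIT:
        return 0, True
    # Fixed-width shift: high bits are discarded without any error.
    return (n << SHIFT) & U256_MASK, False


def checked_shlw_safe(n):
    """Return (result, overflowed) using the exact boundary."""
    if n >= SAFE_LIMIT:
        return 0, True
    return n << SHIFT, False


def missed_overflows(samples):
    """Inputs the flawed check accepts although the true result needs > 256 bits."""
    missed = []
    for n in samples:
        result, flagged = checked_shlw_flawed(n)
        if not flagged and result != n << SHIFT:
            missed.append(n)
    return missed


# Boundary-value samples: one below, at, and one above each threshold.
BOUNDARY_SAMPLES = [SAFE_LIMIT - 1, SAFE_LIMIT, SAFE_LIMIT + 1,
                    FLAWED_LIMIT, FLAWED_LIMIT + 1]

if __name__ == "__main__":
    for n in missed_overflows(BOUNDARY_SAMPLES):
        wrapped, _ = checked_shlw_flawed(n)
        print(f"n={n:#x} accepted, wrapped result={wrapped:#x}")
```

Running the same boundary samples against a math helper in a unit test is a cheap way to catch a misplaced threshold before deployment: every input at or above the exact limit must be reported as an overflow.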
