SlowMist: Cetus Hack Caused by Mathematical Overflow Vulnerability
SlowMist has released an analysis of the Cetus hack. According to the analysis, the core of the incident was that the attacker used carefully constructed parameters to trigger an overflow while bypassing detection, ultimately allowing them to exchange a tiny amount of tokens for a huge amount of liquid assets.
The attacker exploited a flaw in the checked_shlw function to obtain various assets, including $SUI, vSUI, and $USDC, at the cost of 1 token. The attacker bridged some of the funds ($USDC, SOL, etc.) to an EVM address via Sui Bridge and other cross-chain methods, and deposited $10,000,000.00 in assets into Suilend. Currently, $162,000,000.00 in stolen funds have been frozen by the Sui Foundation. Cetus has fixed the vulnerability, and SlowMist recommends that developers strictly verify the boundary conditions of mathematical functions.
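The boundary verification SlowMist recommends, as an added example (not Cetus's Move code and not taken from the SlowMist report): an exact overflow guard for a shift-left-by-64 beside a guard with a mis-set threshold, plus a boundary audit that catches the difference. It assumes checked_shlw shifts an unsigned 256-bit value left by 64 bits; the helper names and the loose threshold are constructed for illustration.

```python
# Added illustration: 256-bit shift-left-by-64 with an overflow guard.
# Assumption: values are unsigned 256-bit integers, as in a fixed-width VM.
U256_MAX = (1 << 256) - 1
SHIFT = 64
# Smallest input with a bit set in the top 64 positions; shifting it loses data.
EXACT_LIMIT = 1 << (256 - SHIFT)
# Constructed, deliberately wrong threshold (not taken from any real code base).
LOOSE_LIMIT = 1 << 200


def checked_shl64(n):
    """Return (n << 64, False), or (0, True) if any bit would be shifted out."""
    if not 0 <= n <= U256_MAX:
        raise ValueError("input is not a u256")
    if n >= EXACT_LIMIT:
        return 0, True
    return n << SHIFT, False


def loose_checked_shl64(n):
    """Same shape, but the guard uses LOOSE_LIMIT, so some overflows pass."""
    if not 0 <= n <= U256_MAX:
        raise ValueError("input is not a u256")
    if n > LOOSE_LIMIT:
        return 0, True
    # Fixed-width arithmetic silently drops the bits above position 255.
    return (n << SHIFT) & U256_MAX, False


def audit_guard(shift_fn):
    """Probe the boundary; return inputs reported safe whose result is wrong."""
    probes = [0, 1, EXACT_LIMIT - 1, EXACT_LIMIT, EXACT_LIMIT + 1,
              LOOSE_LIMIT, LOOSE_LIMIT + 1, U256_MAX]
    missed = []
    for n in probes:
        result, overflowed = shift_fn(n)
        if not overflowed and result != n << SHIFT:
            missed.append(n)
    return missed


if __name__ == "__main__":
    print("exact guard misses:", [hex(n) for n in audit_guard(checked_shl64)])
    print("loose guard misses:", [hex(n) for n in audit_guard(loose_checked_shl64)])
```

The audit compares each "no overflow" result against arbitrary-precision arithmetic, so any input the guard lets through with a truncated result is reported.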