🚨On May 22, LP protocol @CetusProtocol was exploited, with losses exceeding $230M.

The attacker crafted a call that caused an overflow—yet still bypassed the check—allowing them to swap a tiny amount of tokens for a massive amount of liquidity assets. How?

🧐The core issue lies in the get_delta_a function. Its checked_shlw logic failed to properly detect an overflow, leading to a critical miscalculation of required haSUI.

➡️As a result, the protocol drastically underestimated how much haSUI the attacker needed to add—letting them drain assets at virtually no cost.

➕Using our on-chain AML & tracing tool @MistTrack_io, we also analyzed the EVM address receiving cross-chain funds: 0x890...4919b.

🔗Full post here:
https://t.co/TXZBzVhBet

#SUI #Cetus #Exploit #Web3Security #MistTrack
<img src="https://static.sosovalue.com/sosovalue/2025/05/24/439b91b0-5968-45c1-b2cd-0ae29f1415f3.jpg"/>

🚨SlowMist Security Alert🚨

We are actively analyzing the root cause of the incident involving @CetusProtocol.

According to @MistTrack_io, part of the funds has been swapped into $USDC and bridged to #Ethereum. We will continue to monitor and update on-chain movements.

Stay vigilant!