TechFlow, on May 24, SlowMist officially released an analysis of the Cetus hack, pointing out that the attacker carefully constructed parameters to trigger overflow while bypassing detection, ultimately exchanging a minimal amount of tokens for a massive amount of liquidity assets.
SlowMist stated this was an extremely sophisticated mathematical attack, where the attacker exploited a mathematical overflow vulnerability in the checked_shlw function of the Cetus smart contract. By carefully crafted parameters, the overflow check was circumvented, allowing the attacker to exchange just one token for a huge quantity of liquidity assets. The attacker made approximately $230 million in profits, including various assets such as SUI, vSUI, and USDC.
Following the attack, Cetus suspended its smart contract and released a patch fixing the incorrect mask and conditional checks in the checked_shlw function. With cooperation from the SUI Foundation and other ecosystem members, $162 million of the stolen funds on SUI have been successfully frozen. The attacker has already transferred part of the funds to EVM addresses via cross-chain bridges.




