SlowMist Releases Detailed Analysis of the $230 Million Cetus Theft Incident
ChainCatcher news: SlowMist's official analysis of the Cetus theft indicates that the core of the incident was that the attacker carefully constructed parameters to trigger an overflow while bypassing detection, ultimately exchanging a very small amount of tokens for a massive amount of liquidity assets.
SlowMist stated that the attacker precisely calculated and selected specific parameters, exploiting the flaw in the checked_shlw function to obtain liquidity worth billions at the cost of just 1 token. It described this as an extremely sophisticated mathematical attack. The SlowMist security team advises developers to rigorously verify all boundary conditions of mathematical functions in smart contract development.
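The boundary verification SlowMist recommends can be illustrated with an added example, which is not code from Cetus, SlowMist, or the original report. It assumes checked_shlw is a 64-bit left shift on 256-bit integers that returns an overflow flag; the loose threshold below is a constructed stand-in for a faulty check, not the actual flaw.

```python
# Added example: model of a checked 64-bit left shift on u256, plus a
# boundary audit that compares each guard against exact integer arithmetic.
U256_MAX = (1 << 256) - 1
SHIFT = 64                      # assumption: "shlw" shifts by one 64-bit word
LIMIT = 1 << (256 - SHIFT)      # smallest n for which n << 64 exceeds 256 bits


def shl64_wrapping(n):
    """Fixed-width shift: bits pushed past bit 255 are silently dropped."""
    return (n << SHIFT) & U256_MAX


def checked_shl64(n):
    """Correct guard: report overflow for every n >= 2**192."""
    if not 0 <= n <= U256_MAX:
        raise ValueError("n is not a u256")
    if n >= LIMIT:
        return 0, True
    return n << SHIFT, False


# Constructed faulty guard: the threshold sits far above the true limit, so
# overflowing inputs below it pass unflagged and come back truncated.
LOOSE_LIMIT = U256_MAX >> 1     # hypothetical value chosen for illustration


def loose_checked_shl64(n):
    if n > LOOSE_LIMIT:
        return 0, True
    return shl64_wrapping(n), False


def boundary_cases():
    """Inputs on, just below and just above each edge of the valid range."""
    return [0, 1, LIMIT - 1, LIMIT, LIMIT + 1, U256_MAX - 1, U256_MAX]


def audit(fn):
    """Return the inputs where fn disagrees with exact arithmetic."""
    bad = []
    for n in boundary_cases():
        result, overflow = fn(n)
        exact = n << SHIFT                  # Python ints never wrap
        truly_overflows = exact > U256_MAX
        if overflow != truly_overflows or (not overflow and result != exact):
            bad.append(n)
    return bad
```

Running audit over both guards shows the correct one passing every edge case, while the loose one is caught at exactly 2**192 and 2**192 + 1, where the shifted value no longer fits and the returned result is a small truncated number.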
Previously, on May 22, according to community news, Cetus, a liquidity provider in the Sui ecosystem, was suspected of being attacked: liquidity pool depth dropped significantly and multiple token trading pairs on Cetus declined, with estimated losses exceeding $230 million. Subsequently, Cetus issued a statement saying that an incident had been detected in the protocol and that, for safety reasons, the smart contract had been temporarily suspended while the team investigated.