SlowMist: Cetus theft incident caused by mathematical overflow vulnerability

PANews|May 24, 2025 08:42
SlowMist released an analysis of the Cetus theft incident. At its core, the attacker carefully constructed parameters so that an arithmetic overflow occurred while the overflow check was bypassed, ultimately exchanging a huge amount of liquidity for a very small token amount. By exploiting the flaw in the checked_shlw function, the attacker obtained SUI, vSUI, USDC and other assets at the cost of a single token. The attacker then bridged some of the funds (USDC, SOL, etc.) to EVM addresses via Sui Bridge and other routes, and deposited $10 million in assets into Suilend. Currently, $162 million of the stolen funds have been frozen by the SUI Foundation. Cetus has fixed the vulnerability, and SlowMist recommends that developers strictly verify the boundary conditions of their mathematical functions.
Previously, Cetus confirmed that hackers stole approximately $223 million and has frozen $162 million of the stolen funds.
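To make SlowMist's recommendation concrete, the following is an added example (not code from SlowMist, Cetus or PANews) of what "strictly verifying the boundary conditions" of a checked shift-left-wide looks like. It assumes a 256-bit unsigned domain and a `(value, shift) -> (result, overflow)` signature; the actual semantics and internals of the Cetus function are not given on the page. The overflow flag is derived from the mathematical definition (the product no longer fits in 256 bits) rather than from a hand-written mask constant, and a small harness checks the function against an exact-arithmetic oracle on both sides of the overflow boundary for every shift amount.

```python
"""Reference checked shift-left-wide on a 256-bit unsigned integer.

Added example modeled on the incident described above; it is not the
Cetus/SlowMist code. Assumptions: u256 domain, signature
(value, shift) -> (result, overflow).
"""
U256_BITS = 256
U256_MAX = (1 << U256_BITS) - 1


def checked_shlw(value: int, shift: int) -> tuple[int, bool]:
    """Shift `value` left by `shift` bits within u256.

    Returns (result, overflow). overflow is True exactly when at least one
    set bit of `value` would leave the 256-bit range, i.e. when the exact
    product value * 2**shift does not fit in u256. On overflow the result
    is 0 so a caller that ignores the flag does not silently get a
    truncated value that looks plausible.
    """
    if not 0 <= value <= U256_MAX:
        raise ValueError("value out of u256 range")
    if shift < 0:
        raise ValueError("negative shift")
    if shift >= U256_BITS:
        # Shifting a non-zero value by the full width always loses bits.
        return 0, value != 0
    # Bits at positions >= 256 - shift are exactly the ones shifted out.
    lost = value >> (U256_BITS - shift)
    if lost != 0:
        return 0, True
    return (value << shift) & U256_MAX, False


def reference_overflow(value: int, shift: int) -> bool:
    """Oracle using Python's unbounded integers: overflow iff the exact
    product exceeds U256_MAX."""
    return value * (1 << shift) > U256_MAX


def boundary_cases(shift: int) -> list[int]:
    """Values straddling the overflow boundary for a given shift amount:
    the largest value that still fits and the smallest one that overflows,
    plus the extremes of the domain."""
    if shift >= U256_BITS:
        return [0, 1, U256_MAX]
    edge = 1 << (U256_BITS - shift)  # smallest value that overflows
    candidates = (0, 1, edge - 1, edge, U256_MAX)
    return [v for v in candidates if v <= U256_MAX]


def verify(shifts=range(0, U256_BITS + 1)) -> int:
    """Check checked_shlw against the oracle at every boundary value for
    every shift amount. Returns the number of cases checked; raises
    AssertionError on the first disagreement."""
    checked = 0
    for s in shifts:
        for v in boundary_cases(s):
            result, overflow = checked_shlw(v, s)
            assert overflow == reference_overflow(v, s), (v, s)
            if not overflow:
                assert result == v << s, (v, s)
            checked += 1
    return checked


if __name__ == "__main__":
    print(f"boundary cases verified: {verify()}")
```

The point of `verify` is that a boundary check is only as good as the test that exercises both sides of it: for each shift amount it feeds the largest value that must succeed and the smallest value that must be flagged, so a wrong constant or an off-by-one in the check fails immediately instead of surfacing in production.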