Cetus Hack: $230 Million Theft Driven by Overflow Vulnerability

A new analysis by SlowMist provides a deeper look at the recent $230 million theft from Cetus, revealing how an overflow vulnerability was exploited to manipulate token values. The attack targeted the ‘get_delta_a’ function, specifically leveraging a bypass of the ‘checked_shlw’ overflow detection mechanism. This allowed the attacker to miscalculate the required amount of haSUI tokens, enabling them to exchange a small number of these tokens for substantial liquidity assets. 💰 This attack underscores the vulnerability of mathematical calculations in smart contracts and the need for meticulous validation of boundary conditions during development.