Cetus Protocol Hack: $223M Vanishes in Explosive DeFi Heist

Hackers smashed through a critical overflow flaw in Cetus Protocol's automated market maker like a wrecking ball, leaving a trail of $223 million in user losses. That's right, the security experts at Dedaub spilled the beans in their post-mortem, and it's not pretty.

"This incident is the DeFi world's latest blockbuster exploit, and it's all thanks to a sneaky overflow glitch," Dedaub dropped in their report. You can bet they're not mincing words.

Dedaub peeled back the curtain on the flaw, revealing a wild "overflow" in Cetus's math that sent things haywire. A botched condition couldn't handle the big numbers and totally whiffed on the results. It's like the system tried to do the math but forgot to carry the one!

Instead of slamming the door on those oversized values, the system chopped them down, making the output look tiny compared to what it should've been. Talk about a mathematical meltdown!

And the hackers? They rode that glitch like a rollercoaster, depositing just one token while Cetus mistakenly showered them with a massive liquidity position. Then, bam! They yanked out heaps of real assets from the pools, leaving everyone else in the dust.

Dedaub's digging uncovered that Ottersec had already waved a red flag about a similar vulnerability back in early 2023 during an audit on the Aptos deployment. But when the code jumped to the Sui network, the same old issue was still lurking in the shadows. The devs tried to patch it up, but the overflow check was as weak as a wet paper towel, letting the exploit sneak right through.

"This mess proves why you can't just brush off those edge cases in DeFi," Dedaub warned, throwing down the gauntlet. They're calling out the complex math in decentralized finance, demanding it get the full-court press of review and testing. And yeah, they're telling devs to double-check that overflow protection, especially when dealing with big numbers or fancy math.

Cetus Exploit Triggers Market Mayhem

Cetus, the big dog DEX on the SUI network, got hacked to pieces in the early hours of May 22, marking one of the wildest losses the Sui ecosystem has ever seen. At first, everyone thought it was just an "oracle bug," but oh boy, were they wrong.

The exploit left a $223 million crater across various liquidity pools, sending shockwaves through the market. Tokens like SUI and CETUS took a nosedive, dropping over 40% in the aftermath. And those memecoins and smaller market cap tokens? They crashed harder than a lead balloon, some plummeting over 90%.

The Sui Foundation wasn't messing around, teaming up with validators to freeze a whopping $163 million of the stolen loot. And Cetus? They're not taking this lying down, offering a cool $5 million bounty for anyone who can finger the culprits. It's on, folks!