{"id":24262,"date":"2025-05-26T10:12:44","date_gmt":"2025-05-26T07:12:44","guid":{"rendered":"https:\/\/forklog.com\/en\/analysts-uncover-cause-of-cetus-hack\/"},"modified":"2025-05-26T10:12:44","modified_gmt":"2025-05-26T07:12:44","slug":"analysts-uncover-cause-of-cetus-hack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/analysts-uncover-cause-of-cetus-hack\/","title":{"rendered":"Analysts Uncover Cause of Cetus Hack"},"content":{"rendered":"<p>The breach of the decentralized exchange Cetus was attributed to a vulnerability in the liquidity parameter verification of the automated market maker. This was detailed in a report by <a href=\"https:\/\/dedaub.com\/blog\/the-cetus-amm-200m-hack-how-a-flawed-overflow-check-led-to-catastrophic-loss\/\">Dedaub<\/a>.<\/p>\n<p>The issue went undetected due to a lack of &#8220;code overflow&#8221; checks.<\/p>\n<p>Hackers exploited an error in the verification of the <span data-descr=\"Most Significant Bit, MSB\" class=\"old_tooltip\">most significant bits<\/span> to artificially inflate liquidity values. This enabled them to create large positions with minimal investment and withdraw funds from the pools.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>\u201cThe perpetrators added massive amounts of liquidity by investing just one token unit, then drained pools of hundreds of millions of dollars,\u201d analysts explained.<\/em><\/p>\n<\/blockquote>\n<p>On the day of the <a href=\"https:\/\/forklog.com\/en\/news\/hackers-drain-11m-from-cetus-pool-on-sui\">incident<\/a>, validators and partners of the Sui ecosystem froze $163 million of the $223 million stolen.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We\u2019ve learned that a Cetus smart contract was hacked this morning for approximately $223M and Cetus subsequently paused their smart contracts to prevent further theft. 
<\/p>\n<p>Cetus worked together with the other DeFi protocols, the Sui Foundation, and the Sui validators to\u2026 <a href=\"https:\/\/t.co\/Y1iw2sNnPW\">https:\/\/t.co\/Y1iw2sNnPW<\/a><\/p>\n<p>\u2014 Sui (@SuiNetwork) <a href=\"https:\/\/twitter.com\/SuiNetwork\/status\/1925572334054002774?ref_src=twsrc%5Etfw\">May 22, 2025<\/a><\/p><\/blockquote>\n<p>The decision sparked mixed reactions within the crypto community. Proponents of decentralization criticized the validators for their intervention and control over the network.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">SUI validators are actively censoring transactions across the blockchain.<br \/>This completely undermines the principles of decentralization and transforms the network into nothing more than a centralized, permissioned database.<\/p>\n<p>\u2014 Dave (@ItsDave_ADA) <a href=\"https:\/\/twitter.com\/ItsDave_ADA\/status\/1925592811446960575?ref_src=twsrc%5Etfw\">May 22, 2025<\/a><\/p><\/blockquote>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>\u201cSui validators are censoring transactions, turning the network into a centralized database,\u201d wrote one X user.<\/em><\/p>\n<\/blockquote>\n<p>Earlier, the team behind the decentralized exchange <a href=\"https:\/\/forklog.com\/en\/news\/cetus-offers-hacker-6-million-for-return-of-20920-eth\">offered<\/a> the hacker $6 million for the return of 20,920 ETH. 
If accepted, the project promised not to contact law enforcement or disclose the perpetrator&#8217;s information.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The breach of the decentralized exchange Cetus was attributed to a vulnerability in the liquidity parameter verification of the automated market maker. This was detailed in a report by Dedaub. The issue went undetected due to a lack of &#8220;code overflow&#8221; checks. Hackers exploited an error in the verification of the most significant bits to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":24261,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,787,1651],"class_list":["post-24262","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-dex","tag-sui-sui"],"aioseo_notices":[],"amp_enabled":true,"views":"99","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/24262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=24262"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/24262\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/24261"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=24262"}],"wp:term":[{"taxonomy":"category","em
beddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=24262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=24262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}