Blockchain security firm Dedaub released a post-mortem report on the Cetus decentralized exchange hack, identifying the root cause of the attack as an exploit of the liquidity parameters used by the Cetus automated market maker (AMM), which went undetected by a code “overflow” check.
According to the report, the hackers exploited a flaw in the most significant bits (MSB) check, allowing them to manipulate the values for the liquidity parameters by orders of magnitude and establish relatively large positions with a keystroke. The Dedaub security researchers wrote:
“This allowed them to add massive liquidity positions with just one unit of token input, subsequently draining pools collectively containing hundreds of millions of dollars worth of tokens.”
The incident and the post-mortem update reflect the unfortunate trend of cybersecurity exploits and hacks impacting crypto and the Web3 industry
Executives in the industry have continually warned that industry firms must establish safeguards and protect users before regulators clamp down and impose safeguards on the industry.
![Hackers, Cybercrime, Cybersecurity, Hacks]()
The flawed MSB check. Source: DedaubRelated: Twice lucky? Cetus’ recovery plan on Sui mirrors a Solana blueprint
The Cetus decentralized exchange hacked, triggering $223 million in losses
On May 22, the Cetus exchange was hacked, causing $223 million in user losses within a 24-hour period.
Cetus and the Sui Foundation also announced that Sui network validators froze a majority of the stolen assets.
$163 million of the $223 million was frozen by validators and ecosystem partners on the same day as the hack, according to the Cetus team.
Response draws criticisms and allegations of centralization
The decision to freeze the stolen funds drew mixed reactions from the crypto community, with decentralization advocates criticizing the validators for stepping in and controlling the chain.
“Sui validators are actively censoring transactions across the blockchain,” one user wrote on X, echoing many other posts.
![Hackers, Cybercrime, Cybersecurity, Hacks]()
Source: Sui"This completely undermines the principles of decentralization and transforms the network into nothing more than a centralized, permissioned database," the post continued.
“It’s interesting how many Web3 projects backed by VCs lean heavily on centralization, despite borrowing Bitcoin’s ethos,” Steve Bowyer wrote in a May 23 X post.
Magazine: Fake Rabby Wallet scam linked to Dubai crypto CEO and many more victims
- #Blockchain
- #Hackers
- #Cybercrime
- #Cybersecurity
- #Hacks
- #DeFi
Add reaction
![]()
Aviso: As informações nesta página podem ser provenientes de terceiros e não representam as opiniões ou pontos de vista da Gate. O conteúdo exibido nesta página é apenas para referência e não constitui aconselhamento financeiro, de investimento ou jurídico. A Gate não garante a exatidão ou integridade das informações e não será responsável por quaisquer perdas decorrentes do uso dessas informações. Os investimentos em ativos virtuais apresentam altos riscos e estão sujeitos a uma volatilidade de preços significativa. Você pode perder todo o capital investido. Por favor, compreenda completamente os riscos envolvidos e tome decisões prudentes com base em sua própria situação financeira e tolerância ao risco. Para mais detalhes, consulte o
Aviso Legal.
