Cetus Protocol, Sui’s Top DEX, Suffers $223M Hack, Sui Tokens Take a Major Hit
Cetus Protocol, the largest decentralized exchange and liquidity provider on the Sui blockchain, was exploited for $223 million in a recent hack, the team confirmed via X.
Of the stolen assets, $162 million have been temporarily frozen, with Cetus collaborating closely with the Sui Foundation to attempt recovery of the remaining funds.
The attacker’s wallet (0xe28b50) currently holds over 12.9 million SUI tokens, valued at approximately $54 million. Blockchain data indicates this address’s total holdings exceed 32.9 million SUI (around $137 million), suggesting that some stolen funds may have been moved or swapped across various routes.
The wallet remains active, possibly in the process of laundering or hiding assets. This breach has put significant strain on Sui’s decentralized finance ecosystem, draining key liquidity pools and trading pairs.
Cetus has paused all smart contracts as a precaution and is conducting a thorough investigation. Preliminary findings reveal the hacker exploited vulnerabilities related to price curves and liquidity reserve calculations using counterfeit tokens such as BULLA. By injecting negligible liquidity, the attacker manipulated the internal liquidity pool state and withdrew genuine tokens like SUI and USDC multiple times without proper deposits.
The team assured users that contracts are paused “for safety” and that a comprehensive incident update will be released soon.
Binance CEO Changpeng Zhao (CZ) announced Binance has reached out to support the Sui community in addressing the incident.
Following the breach, CETUS token prices fell by 40%, while associated Sui meme coins, including BULLA and MOJO, saw losses exceeding 90%.
