Yesterday, Cetus Protocol on the Sui Network was hacked. The bad actors got away with $220 million. Some people thought that Sui got hacked, but that’s incorrect. What we saw was a Cetus exploit. That is an app built on the Sui Network and part of the Sui ecosystem. However, the Sui Network managed to freeze $160 million.
So, let’s find out about the details of this Cetus exploit.
What Happened During the Cetus Exploit?
So, let’s get one thing straight from the beginning about this Cetus exploit. It was not the Sui Network that got exploited. There seems to be some FUD going around on X saying that Sui got exploited. That’s incorrect. It was the Cetus Protocol that got exploited. This is one of the leading DEXes on Sui.
ANNOUNCEMENT
As of earlier today, we have confirmed that an attacker has stolen approximately $223M from Cetus Protocol. We have took immediate action to lock our contract preventing further theft of funds.
$162M of the compromised funds have been successfully paused. We are…
— Cetus
(@CetusProtocol) May 22, 2025
So, with this out of the way, let’s see what happened. It seems that the attacker used a flash loan that doesn’t ask for collateral. Within 60 seconds, the attacker managed to drain around $220 million. He exploited a bug in the Cetus code. Now, Cetus is active on two chains, Sui and Aptos. This bug was also active on Aptos. However, the attacker made his move on Sui.
2/
The take:
$223M drained.
~$60M made it out.
Bridge to ETH.
Swap into 22,000 $ETH.
Gone in 60 seconds. pic.twitter.com/NSWOcMaMaL— Kyle Chassé / DD
(@kyle_chasse) May 23, 2025
From the $220 million of this Cetus exploit, the attacker managed to bridge $60 million to Ethereum. Here he swapped this into $ETH. However, the Sui Foundation and Mysten Labs managed to freeze the remaining $160 million. Mysten Labs is the team behind Sui. They managed to do this with the cooperation of Sui validators. Let me explain how this worked.
Sui Validators Come to the Rescue
In extreme cases, like a major hack as in this Cetus exploit, Sui validators can come together. They can now decide to reach consensus and deny transactions from specific malicious wallets. They reached a supermajority validator vote to freeze the wallets of the hackers. Some people were upset about this and concluded that Sui is centralized. However, in contrast, this shows the power of decentralized power. This only happens with large-scale exploits, like the Cetus exploit.
Today $SUI validators from across the world coordinated together to freeze the hacker’s wallet
Some are calling this centralization
Spoiler: it’s not!
This is what real world decentralization looks like. Not just powerless, but responsive and aligned with the community
If… pic.twitter.com/1KMe2IrRpa
— Matteo (@matteodotsui) May 22, 2025
It also shows the fast and targeted reaction of the Sui Foundation and Mysten Labs. With their decisive and precise action, they managed to freeze 73% of the stolen funds.
What Is the Current Situation of the Cetus Exploit?
Here’s a sitrep for the current Cetus exploit. Cetus is in contact with law enforcement and is ready to take further action if needed. It also engaged professional anti-cybercrime organizations. This is to trace the funds and to negotiate with the hacker.
Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.
Since taking the actions indicated in our previous announcement, we have also done the following:
1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD
— Cetus
The root cause of the Cetus exploit was found and fixed. Cetus also shared this information with other ecosystem builders. Thus, preventing any further damage to the ecosystem.
Unfortunately, the $CETUS price dropped by 27%. Before this exploit, $CETUS was one of the best performers in the Sui ecosystem. Furthermore, this also affected all tokens in the Sui ecosystem. In general, they are down between 5% to 15%. Some Sui memecoins took bigger hits.
According to DeFiLlama, Cetus also dropped from 3rd to 10th place in TVL rankings on Sui. This should come as no surprise, considering $220 million went missing. If Cetus manages to recoup all $220 million, it should get straight up to its original 3rd spot.
Source: DeFiLlama
Out of the $220 million of this Cetus exploit, Cetus and Sui managed to freeze $160 million. This will be returned to the Cetus platform in due time. That leaves us with the $60 million that the hacker managed to bridge to Ethereum. Now, this is where it gets interesting.
Cetus is currently negotiating with the hacker. If he is willing to return the stolen funds, Cetus will take no further legal action. It will also consider the case closed. In return, if offers a $6 million bounty. This puts the ball in the hacker’s court. See the picture below.
Source: Sui Vision, blockchain explorer
Disclaimer
The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment and informational purposes only. Any information or strategies are thoughts and opinions relevant to accepted levels of risk tolerance of the writer/reviewers, and their risk tolerance may be different from yours.
We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments, so please do your due diligence.
Copyright Altcoin Buzz Pte Ltd.
The post Cetus Exploit: $160M Frozen, Bug Identified appeared first on Altcoin Buzz.
