Cetus Protocol Bleeds $260M in Exploit – SUI Tanks 15% as Security Unravels

Another day, another crypto heist—this time targeting Cetus Protocol’s liquidity pools. The exploit drained $260 million, sending shockwaves through the SUI ecosystem.

Market panic hits SUI: The token nosedived 15% within hours as traders fled. Smart contract audits? Apparently not smart enough.

DeFi’s ’trustless’ paradox strikes again: Hackers bypassed protocol safeguards with surgical precision. Meanwhile, Cetus users are left holding the empty bag—classic ’code is law’ irony.

Bonus cynicism: At least traditional banks pretend to refund your money after a robbery.

Source: Onchain Lens/X

The exploit, which triggered a sharp 15% plunge in SUI’s price to $3.90, has sent shockwaves through the ecosystem.

It noted,

“The team is investigating the incident at the moment. A further investigation statement will be made soon.”

While an investigation is underway, the crypto community has rallied, with industry leaders like Binance’s CZ voicing support for the compromised network during this turbulent time. 

Source: CZ/BNB/X

Details of the Cetus Protocol hack

According to insights from Lookonchain, the recent exploit on Sui’s Cetus DEX has been traced to a wallet identified as “0xe28b50.”

This address is reportedly linked to the hacker responsible for the breach and currently holds more than 12.9 million SUI tokens (approximately $54 million).

It added, 

“The hacker is converting the stolen funds into $USDC and cross-chaining to #Ethereum to exchange for $ETH, with ~60M $USDC already cross-chained.”

Widespread impact

Initial investigations indicate that the attacker exploited the Cetus Protocol by deploying counterfeit tokens, such as BULLA, to manipulate pricing mechanisms and reserve metrics within the platform.

The attacker manipulated liquidity pools by adding minimal liquidity, allowing them to siphon off real assets like SUI and USDC.

In response, the Cetus team has halted the affected smart contract to prevent further losses.

The Ripple effect of the breach has also prompted Sui-based liquid staking platform Haedal to suspend its haeVault feature, which depends on the compromised Cetus liquidity pools. 

Haedal said,

“User safety remains our top priority. haeVault will resume once all risks are resolved and the environment is secure.” 

Following the exploit, several Sui-based tokens tied to Cetus Protocol faced extreme losses, with assets like LBTC and AXOL nearly wiped out in value.

Other tokens, including LOFI, HIPPO, and SQUIRT, saw steep declines of around 80% within just six hours.

Steps taken by Cetus’ team

Amid the turmoil, Cetus successfully froze around $162 million in affected assets, as revealed in a recent X update.

Source: Cetus/X

Additionally, the protocol is also actively working with the Sui Foundation and key ecosystem partners to trace and recover the remaining stolen funds.

Price actions of Tokens on the Sui blockchain

However, despite the sharp declines seen across Sui-linked tokens, CETUS dropping nearly 30%, HAEDAL sliding over 5%, and SUI itself losing more than 7%, the broader outlook for the network remains optimistic.

While SUI trades well below its January peak, the protocol has achieved a major on-chain feat as its Total Value Locked (TVL) has reached a historic $2.2 billion as of the 22nd of May.

This 222% year-over-year growth signals a resilient DeFi ecosystem and continued investor confidence, suggesting that Sui’s foundational strength may weather the current volatility.