Cetus DEX Freezes $162 Million After $220 Million Sui Hack
The exploit came about due to a smart contract vulnerability, where the hackers tricked the DEX into accepting fake tokens as legitimate assets.
Despite swift action to prevent a major collapse, several ecosystem tokens (such as Hippo) have fallen 70%+.
Sui validators managed to halt approximately $162 million USD of the stolen funds in their tracks, with hopes of a fast recovery.
A decentralised exchange (DEX) operating on the Sui Network has encountered one of the ecosystem’s largest exploits in history.
Cetus Protocol, a preeminent dApp within Sui’s DeFi landscape, suffered a smart contract breach resulting in the loss of approximately $223 million USD ($347 million AUD).
Although Cetus developers were quick to the scene, pausing smart contracts within a few hours, it wasn’t enough to prevent an ecosystem contagion. At the time of writing, certain Sui coins (such as Lofi and Hippo) have fallen more than 70% in value.
Despite the gravity of the hack, Sui’s token itself hasn’t been hit too hard. SUI is down about 1.5% over the past 24 hours of trading – and while it’s the only coin in the top 20 by market cap in the red, it is far from a mass sell-off.
SUI 24-hour chart per CoinMarketCap
So, what was behind the attack and how can Cetus prevent this from happening again?
Related: Coinbase Data Breach Exposes 69,461 Users, Sparks Regulatory Backlash
Hackers Trick Cetus Smart Contract Into Believing ‘Fake Tokens’ Were Worth Millions
According to the Director of digital asset custodian Liminal, Manan Vora, the exploit came about due to fake tokens.
Vora used an…interesting analogy – one that reflects the average age of a crypto Twitter user (sorry not sorry).
Imagine going to a toy exchange. You bring fake toys that look valuable but are actually worthless. Then you trade them for real toys… and run. That’s basically what just happened on Sui.
The security breach’s mechanism was incredibly simple. Basically, the hackers created a bunch of crypto tokens that appeared valuable. In reality, they were worthless – but the smart contracts on Cetus didn’t know that. Rather, the DEX was convinced these fake tokens were actually worth $200 million and happily swapped them out for SUI, USDC and other legitimate coins.
Before anybody could respond, the real money had been drained from the ecosystem and Sui was left reeling.
We’ve learned that a Cetus smart contract was hacked this morning for approximately $223M and Cetus subsequently paused their smart contracts to prevent further theft.
Cetus worked together with the other DeFi protocols, the Sui Foundation, and the Sui validators to… https://t.co/Y1iw2sNnPW
— Sui (@SuiNetwork) May 22, 2025
Sui Participants Act to Freeze Stolen Funds
Despite the seemingly catastrophic events, Sui validators weren’t willing to take it lying down.
Within a few hours of the incident, a collaboration between the Sui Foundation, the Cetus DEX and other validators managed to isolate addresses associated with the stolen funds and ice them from the blockchain.
According to Cetus, a bit less than ¾ of the misappropriated crypto was successfully halted in its tracks – although the blockchain will still need to actually recover the frozen funds to return them to victims.
ANNOUNCEMENT
As of earlier today, we have confirmed that an attacker has stolen approximately $223M from Cetus Protocol. We have took immediate action to lock our contract preventing further theft of funds.
$162M of the compromised funds have been successfully paused. We are…
— Cetus (@CetusProtocol) May 22, 2025
Nevertheless, it is cause for optimism for the affected parties in what was otherwise one of the biggest smart contract hacks in recent history.
The post Cetus DEX Freezes $162 Million After $220 Million Sui Hack appeared first on Crypto News Australia.
Filed under: Bitcoin - @ May 23, 2025 5:19 am