Sui’s Biggest Liquidity Provider Hacked for $223M, Causing Sui-Based Tokens to Plummet

Cetus Protocol, Sui’s leading decentralized exchange (DEX) and liquidity provider, suffered a significant exploit resulting in the theft of approximately $223 million worth of tokens. The incident, confirmed by Cetus Protocol on X (formerly Twitter), highlights vulnerabilities within Sui’s burgeoning DeFi ecosystem.

The attacker exploited weaknesses in price curves and reserve calculations, leveraging spoof tokens like BULLA to manipulate the system. This involved adding near-zero liquidity to manipulate internal liquidity pool (LP) states, allowing for repeated withdrawals of substantial assets—including SUI and USDC—without commensurate deposits. The exploit’s sophistication is evident in the attacker’s ability to obfuscate their tracks, utilizing multiple paths to bridge and swap stolen funds.

The compromised wallet, 0xe28b50, currently holds over 12.9 million SUI, valued at approximately $54 million. However, on-chain data reveals a net worth exceeding 32.9 million SUI (roughly $137 million), indicating a more extensive haul that is likely being actively laundered. Cetus has taken swift action, pausing its smart contracts to prevent further losses and initiating a thorough investigation. The team is collaborating with the Sui Foundation to recover the stolen funds. A detailed post-mortem analysis is forthcoming.

The incident has sent shockwaves through the Sui network. Cetus’s token has experienced a 40% drop, while Sui-based memecoins like BULLA and MOJO plummeted over 90%. The attack underscores the risks inherent in decentralized finance and emphasizes the need for robust security measures. Binance CEO Changpeng Zhao (CZ) publicly offered assistance to the Sui Foundation, indicating the broader community’s concern and the gravity of the situation. The $162 million that was paused may eventually be recovered, but the remaining funds remain at large, causing significant damage to the Sui ecosystem. The ongoing investigation is crucial for restoring trust and preventing similar incidents in the future.