Sui’s Biggest Liquidity Provider, Cetus, Hit by $260M Hack; Sui-Based Tokens Plummet 90%

The Sui blockchain ecosystem suffered a significant blow with the exploitation of Cetus Protocol, its largest decentralized exchange (DEX) and liquidity provider. A sophisticated attack resulted in the theft of approximately $260 million worth of tokens, highlighting vulnerabilities within Sui’s DeFi infrastructure.

The exploit targeted Cetus Protocol’s smart contracts, leveraging spoof tokens like BULLA to manipulate price curves and reserve calculations. Attackers manipulated internal liquidity provider (LP) states, repeatedly withdrawing substantial amounts of real assets such as SUI and USDC without making equivalent deposits. This cleverly disguised theft allowed for the extraction of a significant portion of Cetus’s liquidity.

The attacker’s wallet, identified as 0xe28b50, currently holds over 12.9 million SUI tokens, valued at approximately $54 million. However, on-chain data reveals the wallet’s net worth exceeds 32.9 million SUI (roughly $137 million), suggesting the attacker may have already laundered or swapped a portion of the stolen funds through various channels. The wallet remains active, actively obfuscating its holdings.

Cetus Protocol swiftly responded by pausing its smart contracts to prevent further losses and initiated a thorough investigation. The team confirmed the incident on X (formerly Twitter), assuring users of their commitment to addressing the situation and providing a detailed statement in due course. Binance CEO, Changpeng Zhao (CZ), expressed solidarity and offered assistance to Sui, reflecting the broader concern within the cryptocurrency community.

The immediate aftermath has seen a dramatic market response. CETUS token prices have plummeted by 40%, while Sui-based memecoins like BULLA and MOJO experienced even steeper declines, exceeding 90%. This incident underscores the inherent risks within the decentralized finance (DeFi) space and the need for robust security measures to protect against sophisticated attacks. The impact on Sui’s DeFi ecosystem remains to be fully assessed, but this event serves as a stark reminder of the ongoing challenges facing the rapidly evolving landscape of blockchain technology. The investigation into the exploit is ongoing, with the focus on identifying the perpetrators and recovering the stolen funds.