Sui DEX Cetus Suspected of Being Hacked: Up to $200 Million Lost
Cetus, a decentralized exchange (DEX) built on the Sui blockchain, has been hit by an apparent hack, with onchain data showing rapid asset drainage despite the team portraying the incident as a “bug.” The alleged exploit is believed to have drained more than $200 million worth of digital assets from the platform.
A pseudonymous Web3 researcher, COMDARE3, posted on X that “users report” that Sui-based DEX Cetus is being exploited. They also shared a screenshot of Cetus market data on DEX Screener, showing many assets losing well over half of their value over the last 24 hours.
The team behind Extractor, an onchain monitoring tool developed by crypto cybersecurity company Hacken, confirmed that “at least $63m was already bridged to Ethereum, 20k ETH was just transferred to a fresh wallet” in a single transaction. A Hacken representative told Cointelegraph that these findings were confirmed by the company’s Web3 researcher, Yehor Rudytsia.
Cetus pool data shows that as of the time of writing, the DEX processed $2.9 billion worth of transactions on May 22, a significant increase over the $320 million reported on May 21. This heightened level of activity may have been caused by funds being siphoned out of the protocol.
A Cetus representative confirmed that an attacker stole approximately $223 million from Cetus Protocol and that $162 million of the funds had been frozen. “We are working with the Sui Foundation and other ecosystem members right now on next-step solutions, with the goal of recovering the remaining stolen funds,“ they said.
A Sui representative told Cointelegraph that Cetus worked with other decentralized finance (DeFi) protocols, the Sui Foundation, and network validators to collectively protect the ecosystem. They added: Some tokens, such as Lombard Staked BTC (LBTC) or AXOLcoin (AXOL) lost most of their value on Cetus. The top 15 losers all lost in excess of three-quarters of their price.
Knock-on effects have already become apparent, with the Sui-based money market, Scallop, halting all borrowing on its protocol. The protocol said in an X post that a further announcement would be made when operations resume, but assured users that funds are safe.
Outside Cetus, LBTC appears to have gained over 4% in value over the last day, according to CoinMarketCap data. Others, such as Axol (AXOL), have not been as fortunate, with CoinMarketCap data showing a loss of nearly 99.5%. The alleged exploiter’s address contains nearly $52 million of Sui (SUI) tokens, $4.9 million of Haedal Staked SUI (HASUI), over $19.5 million of Toilet (TOILET), nearly $19.5 million of wrapped USDt (USDT) and many other assets.
The official Cetus X profile confirmed that an incident on the protocol was detected, and the smart contract was paused for safety. It added that an investigation was ongoing. However, blockchain analysts and compliance firms are raising concerns about the project’s transparency. A representative from AMLBot told Cointelegraph: Related: AI tool claims 97% efficacy in preventing ‘address poisoning’ attacks The AMLBot representative — referring to statements made by Cetus team members on Discord — further explained that while the Cetus team “is calling this incident ‘just a bug,’ — the timing raises questions.”
Onchain data service Onchain Lens stated in an X post that “the attacker gained control of all SUI-denominated pools, exploiting over $200M, and has also started moving $USDC.” Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks