Sui's Biggest Liquidity Provider Hacked for $223 Million, Causing Sui-Based Tokens to Plummet 90%

The decentralized exchange (DEX) and liquidity provider on the Sui network, Cetus Protocol, has been hit by a massive hack worth $223 million. According to a statement from Cetus Protocol on X, the largest DEX and liquidity provider on the Sui network, the hacker drained millions of dollars' worth of tokens in an apparent attack.

The wallet tied to the exploit — 0xe28b50 — currently holds over 12.9 million SUI, valued at approximately $54 million at current prices. On-chain data shows that the address has a net worth exceeding 32.9 million SUI (approximately $137 million), suggesting the attacker may have already bridged or swapped funds through multiple paths.

The Cetus team has paused the smart contracts and is actively investigating, it said in an X post. According to early analysis, the attacker used spoof tokens like BULLA to exploit broken price curves and reserve calculations. They then added near-zero liquidity to manipulate internal LP state and repeatedly removed real assets like SUI and USDC without depositing anything meaningful.

Exploit Path Revealed

The likely exploit path was:1. Swap in spoof token (e.g. BULLA → SUI), taking advantage of miscalculated price curve or broken reserve math.2. Add liquidity with a near-zero amount, to manipulate internal LP state and repeatedly remove real assets like SUI and USDC without depositing anything meaningful.

Cetus Response

Cetus confirmed the incident on X, saying the contract has been paused “for safety” and that a detailed statement will follow. Binance founder CZ said the exchange's team has reached out to Sui to offer help,. CETUS is down 40% in the past few hours, while Sui-based memecoins like BULLA and MOJO have dropped over 90%.

Market Impact

The hack has caused a significant impact on the market, with token prices plummeting. The hacker's actions have further pressured Sui's DeFi infrastructure, as major token pools and pairs remain drained.

Cetus Team's Next Steps

The Cetus team is actively investigating the incident and has paused the smart contracts for safety. A detailed statement will follow in due course.

Update (May 22, 12:00 UTC): Updates headline and story with additional details.

CZ Responds to Sui Hack

Binance founder CZ said the exchange's team has reached out to Sui to offer help,. CZ stated that the hack is a significant blow to the DeFi infrastructure of the Sui network, and it is crucial for users to exercise caution in the coming days.

Cetus Network Response

Cetus Network responded to the incident by saying they are "working closely with the Sui Foundation to recover as much of the stolen funds as possible". The team also emphasized that they value their users' trust and security, and they will take all necessary steps to prevent such incidents in the future.