Podcast Discussion: Deep Dive Into This Article.
The SUI blockchain, one of the rising stars in the layer-1 space, was hit with a seismic blow today as its largest decentralized exchange (DEX) and liquidity provider, Cetus Protocol, fell victim to a massive exploit. Blockchain analysts estimate that the attacker drained between $200 million and $260 million from Cetus’ liquidity pools, marking one of the largest DeFi hacks of 2025. The incident has sent shockwaves through the SUI ecosystem, with token prices collapsing and traders scrambling to assess the fallout. Here’s everything you need to know about the exploit and its ripple effects.
Cetus Under Siege: How the Exploit Unfolded
Cetus Protocol, a cornerstone of SUI’s DeFi ecosystem with a total value locked (TVL) of $241 million and daily trading volumes nearing $294 million, was targeted in a sophisticated attack on May 22, 2025. The exploit, which began in the early trading hours, allowed the attacker to gain control of all SUI-denominated liquidity pools. Early analyses from security firms like PeckShield and Cyvers reveal that the attacker exploited vulnerabilities in Cetus’ smart contracts, specifically an oracle-related flaw. By deploying spoof tokens like BULLA, the attacker manipulated price curves and reserve calculations, siphoning off real assets like SUI and USDC without contributing meaningful liquidity.
The scale of the heist is staggering. On-chain data shows the attacker extracted upwards of $260 million, with the SUI/USDC pool alone losing $11 million in liquidity. The exploiter’s wallet, identified as 0xe28b50, still holds over 12.9 million SUI tokens (worth $54 million) and has already bridged $61.5 million in USDC to Ethereum in $1 million batches. Blockchain investigator Lookonchain reported that the attacker also swapped $58.3 million in USDC for 21,938 ETH at an average price of $2,658 per token, indicating a swift move to launder the stolen funds.
Devastating Fallout: Tokens Crash and Trading Grinds to a Halt
The exploit’s impact on the SUI ecosystem was immediate and brutal. Liquidity across multiple Cetus pools evaporated, causing trading functionality to grind to a halt. Memecoins and SUI-paired tokens bore the brunt of the damage, with prices plummeting 70% to 90% across the board. Tokens like MOJO, HIPPO, LOFI, BULLA, LBTC, and AXOL saw near-total value erasure, with some, like AXOL, dropping 99.5%. CETUS, the platform’s native token, wasn’t spared, crashing over 40% as panic gripped the market.
Users reported failed trades and delayed transaction processing as liquidity vanished, exposing the fragility of SUI’s DeFi infrastructure. The broader SUI token itself took a hit, dropping from $4.18 to $4.00, though it later showed surprising resilience, climbing 2.2% to hover above $3.70 support with 24-hour trading volume surging past $2.5 billion. However, posts on X reflect a cautious sentiment, with some users expressing deep concerns about SUI’s future security and protocol risk.
Cetus’ Response: Too Little, Too Late?
Cetus Protocol quickly acknowledged the incident via an official statement on X, confirming that an “incident” had been detected and that smart contracts were paused to prevent further losses. The team attributed the exploit to an oracle-related vulnerability and promised a full post-mortem report in the coming days. However, their initial attempt to downplay the event as a “bug” in Discord statements drew sharp criticism from compliance experts and the crypto community. Onchain Lens noted that the attacker’s control over SUI-denominated pools was far more severe than a mere glitch, highlighting systemic risks in Cetus’ design.
The timing of the exploit couldn’t be worse. SUI’s TVL had recently surpassed $2.2 billion, and Cetus was riding high with $7.15 million in daily fees. The attack not only obliterated Cetus’ liquidity but also cast a shadow over SUI’s broader DeFi ambitions, especially as the network has been positioning itself as a hub for AI, gaming, and fintech applications in 2025.
The Bigger Picture: DeFi’s Persistent Security Woes
The Cetus exploit underscores a harsh reality in DeFi: even fast-growing platforms remain vulnerable to sophisticated attacks. The use of spoof tokens to manipulate price oracles is a known attack vector, yet Cetus’ failure to safeguard against it raises questions about the security readiness of newer blockchains like SUI. Deddy Lavid, CEO of security firm Cyvers, told Decrypt that the attacker exploited “broken price curves and reserve logic,” a tactic that could have been mitigated with more robust token verification mechanisms and continuous smart contract audits.
This isn’t SUI’s first brush with security issues. In January 2025, a $29 million SUI token theft targeting a major holder exposed similar vulnerabilities, with funds laundered through Tornado Cash. While SUI itself has rarely reported hacks, its DeFi ecosystem—reliant on protocols like Cetus—appears to be a weak link. The incident also highlights the risks of over-reliance on a single DEX, as some users on X pointed out that the exploit could force SUI to diversify its liquidity providers, potentially strengthening the ecosystem in the long run.
What’s Next for SUI and Cetus?
Cetus is working with blockchain security firms like SlowMist and PeckShield to trace the attacker and assess the damage. Major exchanges like Binance have stepped in, with founder Changpeng “CZ” Zhao announcing support to intercept the stolen funds. However, with the attacker already moving funds off-chain, recovery seems unlikely. Cetus has promised a detailed statement, but for now, the platform remains frozen, leaving users and liquidity providers in limbo.
For SUI, the exploit is a critical test of resilience. While the native token has held up better than expected, the collapse of its DeFi ecosystem could deter investors and developers. On the flip side, some in the community see this as an opportunity for growth. As one optimistic post on X noted, “Exploits filter strong projects,” suggesting that SUI could emerge stronger if it addresses these vulnerabilities head-on. SUI’s co-founder, Adeniyi Abiodun, has previously outlined plans to bolster security in 2025—those efforts will now be under intense scrutiny.
Final Thoughts
The Cetus exploit is a stark reminder of the high stakes in DeFi, where innovation often outpaces security. For SUI, a blockchain that’s been gaining traction with its high-throughput Move ecosystem, this incident is a major setback. The loss of $260 million in liquidity, coupled with the collapse of token prices, has shaken confidence in SUI’s DeFi infrastructure. Yet, the network’s ability to weather the storm—both in price action and community sentiment—offers a glimmer of hope.
As investigations continue, the crypto world will be watching closely to see how SUI and Cetus respond. For now, traders and investors should brace for volatility and exercise caution in SUI’s DeFi space. The road to recovery will be long, but if SUI can learn from this disaster, it might just emerge as a more resilient player in the layer-1 race.
This article reflects the opinions of the publisher based on available information at the time of writing. It is not intended to provide financial advice, and it does not necessarily represent the views of the news site or its affiliates. Readers are encouraged to conduct further research or consult with a financial advisor before making any investment decisions.
