In one of the most momentous events of 2025, the decentralized exchange Cetus suffered a sophisticated attack that brought about the loss of $223 million in crypto assets.
The incident, now generally called ‘The Cetus Hack,’ was not a simple exploitation of a vulnerability but rather an orchestrated digital heist that used token spoofing, smart contract manipulation, and a neat escape route that concluded with tens of thousands of Ether apparently disappearing into thin air.
Even though the incident was serious, the Sui blockchain—hosting the Cetus DEX—was still running and stable. While parts of the DeFi ecosystem panicked, the Sui infrastructure stood tall, keeping coordinated in real-time and maintaining zero downtime.
Inside the Exploit: Token Spoofing and Overflow Glitch
Per security analysts and on-chain forensics, the attacker started the breach by creating a fake token and shoving an almost nonexistent amount of liquidity into a Cetus pool. This action, while seemingly trivial, caused an overflow in the automated market maker’s math logic, breaking its balance calculations and allowing the attacker to pull out large quantities of legitimate tokens—$SUI and $USDC—without providing any corresponding value.
In just a few minutes, the assailant siphoned off an estimated $223 million worth of tokens. Of that, about $60 million got out of the protocol before countermeasures were enacted. The money was swiftly bridged to Ethereum, where it was turned into around 22,000 ETH.
THE CETUS HACK: $223M GONE. $6M ON THE TABLE.
This wasn’t a glitch.
It was a heist.Fake tokens. Overflow exploit. 22K ETH exit.
Now a $6M bounty is being offered to get the money back.But the real story?
Sui just proved it’s built for chaos. 🧵 pic.twitter.com/TFpnOCCa1d— Kyle Chassé / DD🐸 (@kyle_chasse) May 23, 2025
The attack’s audacity and precision took many in the DeFi world by surprise. Memecoins across the Sui ecosystem fell by as much as 90%; the satellite tokens that go along with the Sui ecosystem saw huge price drops. Even the stablecoin $USDC temporarily fell off its peg. And yet, the blockchain’s native token, $SUI, pump stays relatively safe. That’s the takeaway from the episode.
Damage Control in Real-Time: No Chain Halt, No Panic
What made this exploit different from other high-profile breaches? It wasn’t just the mass of stuff they made off with; it was what happened next. Most blockchains, when they’re really under threat, either pause operations and go into emergency mode or just flat-out roll back some transactions. Didn’t happen here. Sui kept right on operating. In fact, the validators coordinated so well that you’d almost think they were prepped & ready for a network-defining moment.
This is particularly remarkable in a setting where numerous layer-1 blockchains count on centralized interventions or “pauses” to reduce harm. Sui, instead, illustrated the advantages of strong architecture and decentralized decision-making, even in extreme levels of stress.
Cetus proclaimed a $6 million bounty in the hours after the attack—payable in $SUI tokens—for the return of the stolen funds. This is not your standard bug bounty; it’s a last-ditch negotiation. Cetus is offering what amounts to ransom, and hoping to recover stolen assets before they are laundered using the usual privacy tools and mixers.
Sui Deploys Emergency Tools as Recovery Effort Begins
In a high-stakes effort to reclaim authority over the situation, Sui has put into effect a fresh whitelist function that enables certain transactions to circumvent standard security protocols. Rounding out the suite of new tools is a restore module, accessible only to a select few, that could let Sui either pull back assets snatched by the attackers or pay back the many liquidity providers whose funds were misappropriated.
These devices signify a bold but thoughtful move in the direction of responding to DeFi incidents. While detractors may ask whether security is being bypassed in too many places, the transparency of Sui’s actions and the speed with which they have been carried out suggest that a very well-coordinated recovery plan is in progress.
Even though Cetus has suffered a large amount of damage and the wider DeFi space on Sui has been impacted, the Sui chain itself seems to have passed a significant stress test. This situation serves not only to starkly illustrate how vulnerable complex smart contracts are but also to underline the resilience and responsiveness of Sui’s core architecture.
The next move is for the attacker to make—but the bounty is active, and the pursuit has begun.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!
Source: https://nulltx.com/cetus-exploit-drains-223m-defi-faces-massive-breach-while-sui-network-holds-firm/