Cetus Protocol, the decentralized exchange on the Sui blockchain, has suffered a severe security breach resulting in over $223 million in losses. The hack, which affected 46 liquidity pairs, caused a sharp drop in several Sui-linked tokens.
Hacker Used Fake Tokens to Drain Liquidity Pools on Cetus Protocol
Blockchain analysis by Lookonchain identified wallet address “0xe28b50” as the source of the attack. The attacker used counterfeit tokens like BULLA to manipulate pricing formulas in Cetus liquidity pools. By injecting small amounts of fake liquidity, they were able to withdraw significant reserves of real assets. This included SUI and USDC.
The attacker then converted these assets into USDC and began bridging them to Ethereum, reportedly moving over $60 million so far. As of now, one of the hacker’s addresses still holds over 12.9 million SUI tokens—valued at roughly $54 million.
In response, Cetus halted the affected smart contracts and successfully froze around $162 million in funds that had not yet been bridged. The team is now working closely with the Sui Foundation and ecosystem partners to trace and potentially recover the rest of the assets.
Cetus has extended a white-hat bounty offer to the hacker: return the remaining funds and retain 2,324 ETH (approximately $6 million) as a reward. The stolen assets were either still on Sui or bridged to Ethereum. As of the latest on-chain data, the hacker wallets have shown no recent activity.
You May Also Like: SEC Hacker Eric Council Jr. Sentenced for Fake Bitcoin ETF Post After SIM Swap Attack
Sui Ecosystem Tokens Crater—Some Meme Coins Lose 80% Value
Following the hack, the CETUS token—native to the Cetus Protocol—plunged nearly 40%, sliding from around $0.19 to a low of $0.165. However, the token later had a modest recovery. It was trading back up near $0.17 by midday on May 23.
The hack impact was widespread. Haedal, a Sui-based liquid staking platform, also paused its haeVault service due to its reliance on Cetus liquidity. Tokens like LBTC, AXOL, LOFI, HIPPO, and SQUIRT experienced steep declines. Some of the tokens lost over 80% of their value within hours. Cetus Protocol’s total liquidity dropped from over $240 million to just $37 million, according to DeFi Llama.
SUI itself declined over 7.5% to around $3.87. Sui validators implemented a patch to block transactions from the hacker addresses. This coordinated action prevented an estimated $160 million in additional funds from leaving the network.
However, the move has sparked debate about Sui’s decentralization model. Unlike Ethereum or Bitcoin, where censorship is technically difficult, Sui’s validator set—though not centrally controlled—demonstrated the ability to swiftly coordinate and enforce blacklist rules.
Running a validator on Sui requires 30 million staked SUI, ensuring only major holders or large consortiums can participate in governance.
