According to Onchain Lens, an on-chain data tracking platform, the Sui ecosystem’s decentralized trading and liquidity protocol Cetus Protocol was reportedly attacked by hackers on Thursday evening. The attackers gained control of all SUI-denominated liquidity pools, stealing over $200 million, and have begun transferring the funds.
Data shows that multiple SUI ecosystem tokens have experienced significant declines, likely due to liquidity withdrawal triggered by the hacker’s fund transfers. Among them, the token CETUS of Cetus has dropped over 30% in the past two hours.
The cybersecurity firm Slow Mist pointed out that the hackers are converting part of the stolen funds into USDC and bridging them to Ethereum. Slow Mist’s cybersecurity lead, 23pds, stated that the related vulnerability is suspected to be caused by a calculation precision issue.
Cetus Protocol has just announced that it has detected abnormal events and has paused the operation of its smart contracts for security reasons. The team is investigating the matter and will release updates shortly.
5/22 23:34 Update:
Cetus stated in another announcement that it has confirmed the attacker stole approximately $223 million in funds, of which $162 million has been successfully frozen. The team is currently working with the Sui Foundation and other ecosystem members to seek the next steps for a solution, aiming to recover the remaining stolen funds.
The official Sui statement added that Cetus is closely collaborating with other DeFi protocols, the Sui Foundation, and Sui’s validators to safeguard the entire ecosystem’s security. Several validators have identified the addresses used to transfer the stolen funds and will ignore transactions from these addresses until further notice. The Cetus team is actively seeking ways to recover funds and return them to the community.
According to Slow Mist founder Yu Xian, the remaining unfrozen assets of over $60 million have almost all been converted into Ether (ETH), totaling 23,243 coins.
