Now Reading: Cetus DEX Hacked for $260M on Sui Blockchain in One of 2025’s Largest DeFi Exploits
-
01
Cetus DEX Hacked for $260M on Sui Blockchain in One of 2025’s Largest DeFi Exploits
Cetus DEX Hacked for $260M on Sui Blockchain in One of 2025’s Largest DeFi Exploits
The Sui blockchain was rocked by one of the largest decentralized finance (DeFi) exploits of the year after Cetus Protocol, its leading decentralized exchange (DEX), suffered a massive hack that drained an estimated $260 million in digital assets.
The attack, which began in the early hours of Wednesday, caused SUI’s token price to drop by over 15%, currently trading near $3.90. The exploit has raised fresh alarms over the persistent vulnerabilities facing Web3 platforms, even those built on next-gen blockchains like Sui.
Blockchain security analysts at Lookonchain and Hacken traced the hack to a wallet address labeled “0xe28b50.”
The attacker is believed to have manipulated Cetus’ smart contracts using phony tokens like BULLA to exploit liquidity pools. This allowed them to drain real assets, including:
- 12.9 million SUI (approx. $54 million)
- $60 million in USDC
- $19.5 million in Toilet (TOILET)
- $4.9 million in Haedal Staked SUI (HASUI)
- Other significant tokens, including wrapped USDt
Initial reports suggested $200 million was stolen, but updated analysis pegs the total impact closer to $260 million. Over $212 million was moved to Ethereum through high-speed transactions, reportedly at a rate of $1 million per minute, according to compliance firm AMLBot.
One transaction alone moved 20,000 ETH to a newly created Ethereum wallet, confirming suspicions of rapid cross-chain laundering. Analysts suggest the attacker targeted all SUI-denominated liquidity pools, leveraging complex transaction layering to obscure the flow of funds.
Cetus paused its smart contracts immediately upon detection of abnormal activity at 3:52 AM PT and issued a public statement confirming an active investigation.
“We are working around the clock to identify the root cause and pursue fund recovery,” the team stated.
The exchange also saw an explosion in transaction volume, ballooning from $320 million to $2.9 billion during the exploit window—clear evidence of liquidity drain.
Crypto personalities, including Binance founder Changpeng Zhao (CZ), voiced support for the Sui community.
“Not a pleasant situation. Hope everyone stay SAFU!” CZ posted on X, signaling potential assistance.
Yet, despite initial communication, neither the Cetus nor Sui development teams have provided a comprehensive post-mortem, leading to unease among investors.
A Wake-Up Call for DeFi
This incident isn’t just a blow to Cetus; it’s a major credibility crisis for the Sui ecosystem and decentralized finance as a whole. While DEX platforms pride themselves on transparency and security, the ease and speed with which funds were moved—and the attacker’s use of spoof tokens—highlight systemic weaknesses in protocol design and monitoring.
The exploit also affected several tokens. While some, like Lombard Staked BTC (LBTC), oddly saw a 4% price increase, others, including AXOLcoin (AXOL), plunged over 75%.
Industry experts warn that such exploits are rarely “simple bugs,” as Cetus initially suggested. Given the coordination and speed of the attack, AMLBot and others suggest this may have been a highly orchestrated operation, possibly involving insider knowledge or advanced automated tooling.
Editorial Note: This news article has been written with assistance from AI. Edited & fact-checked by the Editorial Team.
Interested in advertising with CIM? Talk to us!
