Cetus, Sui’s Largest DEX and Liquidity Provider, Hacked for $223 Million
Cetus Protocol, the leading decentralized exchange (DEX) and largest liquidity provider on the Sui blockchain, has suffered a massive exploit resulting in the loss of $223 million in tokens, the protocol announced on X.
Out of the stolen funds, approximately $162 million have been “paused,” and Cetus is actively collaborating with the Sui Foundation to recover the remaining assets.
The wallet linked to the hack, identified as 0xe28b50, currently holds over 12.9 million SUI tokens—valued at roughly $54 million based on current market prices. On-chain data reveals the wallet’s total net worth exceeds 32.9 million SUI (about $137 million), indicating the attacker may have already moved some funds through various bridges or swaps.
The wallet remains active, likely attempting to obfuscate the stolen assets. This breach underscores the vulnerability of Sui’s DeFi ecosystem, with key token pools and liquidity pairs drained.
Cetus has paused its smart contracts and launched a thorough investigation, explaining in a statement that the attacker exploited faulty price curves and reserve calculations using spoof tokens like BULLA. By adding negligible liquidity, the hacker manipulated the internal liquidity pool (LP) state and repeatedly withdrew genuine assets such as SUI and USDC without depositing real value.
The protocol confirmed the contract pause “for safety” and promised a detailed report soon.
Binance founder Changpeng Zhao (CZ) tweeted that Binance’s team has contacted Sui to offer assistance.
Following the hack, CETUS token prices plummeted 40%, while Sui-based memecoins BULLA and MOJO plunged over 90%.
