Nemo, a yield optimization protocol on the Sui blockchain, was targeted in a $2.4 million exploit on Monday, highlighting ongoing security risks in decentralized finance (DeFi).
The attacker stole USDC, the dollar-pegged stablecoin issued by Circle, and reportedly bridged the funds from Arbitrum to Ethereum, according to blockchain security firm Peckshield.
Nemo allows users to split staked assets into Principal Tokens (PT) and Yield Tokens (YT), enabling trading, hedging, or speculation on future yields. Following the hack, the protocol’s total value locked (TVL) dropped sharply to $1.53 million from over $6 million, per DeFi analytics platform DeFiLlama.
The incident underscores that, despite growing institutional adoption in crypto, DeFi platforms remain vulnerable to attacks, emphasizing the need for stronger security safeguards across the ecosystem.
