Cetus Protocol, the main liquidity provider for SUI, is seeking solutions to the loss of $223M from its DEX liquidity pools. The team offered a white hat deal to the hacker to return the funds currently held on Ethereum.
Cetus Protocol narrowed down the losses from its liquidity vaults to $223M, taken from 46 exploited liquidity pairs. The leading DEX on SUI immediately investigated the incident, locating all funds either on SUI or bridged to Ethereum.
The hacker has been extended a time-sensitive offer to return the funds on Ethereum in exchange for stopping all prosecution.
📜 Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.
Since taking the actions indicated in our previous announcement, we have also done the following:
1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD
— Cetus🐳 (@CetusProtocol) May 22, 2025
The hacker has the chance to retain 2,324 ETH, or around $6M as a bounty if the funds are received immediately. The hacker wallets did not show any movements in the past day.
Cetus is currently carrying only $37M in total liquidity locked, down from over $240M before the hack.
The wallets are mostly blocked and blacklisted from interacting with other ecosystem protocols. The Cetus hack can still mix or use decentralized anonymous protocols to obscure the origin of funds.
Cetus hack exposes controversial SUI decision to block addresses
In an unprecedented move, the SUI network sent out a patch code to all validators, who are actively ignoring transactions originating from the hacker addresses.
The move was efficient in securing $160M of the funds, which were not yet bridged to Ethereum.
This also exposed the reality of SUI validators, which were capable of coordinating based on an ad hoc decision. The SUI network is thus not considered censorship-free, in comparison to larger networks like Ethereum and Bitcoin. On the other hand, the fast consensus to block addresses was a solution against the loss of funds.
SUI validators invoked a governance mechanism in which the decision to block the funds was not actually centralized, but was quickly accepted by all validators. Running a SUI validator node is deliberately expensive, requiring 30M staked SUI. The creation of a validator node either requires an early entry or the gathering of staking deposits from a wide circle of owners.
SUI validators, however, are incapable of moving the funds from the addresses, requiring the hacker to build a new transaction to the predetermined wallet.
SUI sinks further after the hack
Since the hack, SUI has endured significant losses. The token is down over 7.5% to $3.87, although no SUI tokens were directly sold to exchanges.
SUI open interest increased to $963M, with more traders longing the coin in expectation of a recovery.
The relatively large DeFi hack did not affect the main chain’s operation. However, the SUI meme token market saw significant price anomalies and may take a while to recover.
Daily active users on SUI fell from over 1.6M to around 360K in the past 24 hours, showing that the DeFi ecosystem was the main driver of adoption. Cetus Protocol had expanded its liquidity by 70% in the past month, as SUI offered a new wave of meme tokens.
Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot
English 
Spanish 