The decentralized trade Cetus Protocol introduced that hackers have stolen $223 million in cryptocurrency and is providing a deal to cease all authorized motion if the funds are returned.
The challenge additionally introduced a $5 million bounty to anybody offering related info resulting in the identification and arrest of the attacker.
Cetus Protocol is a decentralized trade (DEX) and liquidity protocol working on the Sui and Aptos blockchains.
It employs a Concentrated Liquidity Market Maker (CLMM) mannequin, permitting liquidity suppliers to allocate property inside particular worth ranges, enhancing capital effectivity and enabling superior buying and selling methods.
Cetus Protocol boasts a complete buying and selling quantity of $57 billion (as of Might 2025), with over 15 million accounts executing 144 million trades on the platform.
The incident occurred yesterday, initially prompting Cetus Protocol to pause its sensible contract for investigations.
Just a few hours later, the challenge confirmed the theft and that “$162M of the compromised funds have been efficiently paused.”
.png)
In a later assertion, Cetus Protocol introduced that the hacker had exploited a weak bundle however no particulars have been disclosed.
“We recognized the basis reason behind the exploit and, fastened the associated bundle, and knowledgeable ecosystem builders as quick as we may with assist from ecosystem members to forestall different groups being affected,” said Cetus Protocol.
Moreover, the platform famous that it has recognized the attacker’s Ethereum pockets tackle and accounts, and is working with third events to hint and freeze funds. Regulation enforcement has additionally been knowledgeable.
Cetus Protocol additionally provided the hacker “a time-sensitive whitehat settlement,” promising to not pursue authorized motion if the funds are returned. To place extra strain on the attacker, the challenge introduced a $5 million bounty for info resulting in the identification and the arrest of the hacker.
In the meantime, a big $162 million was paused on the Sui blockchain following an emergency vote by the validators.
Blockchain analytics firm Elliptic printed a report primarily based on its visibility of the incident, pointing to a flaw within the automated market maker (AMM) logic, probably involving pool worth manipulation enabling flash loan-style assaults.
The blockchain intelligence agency additionally gives an outline of the attacker’s fund motion makes an attempt, together with swaps from USDT to USDC and cross-chain motion from Go well with to Ethereum.
Supply: Elliptic
Elliptic is actively tracing the transactions from the preliminary exploit on Sui to the attacker’s wallets on Ethereum, and the hacker’s tackle is flagged on all main exchanges and digital asset service suppliers, stopping laundering or switch makes an attempt.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK strategies behind 93% of assaults and defend towards them.
