Cetus Protocol, the largest decentralized exchange (DEX) on the Sui network, suffers a security breach resulting in the loss of $223 million worth of tokens

On May 22, 2025, Cetus Protocol, the largest decentralized exchange (DEX) and liquidity provider on the Sui network, has suffered a security breach resulting in the loss of about $223 million worth of tokens.

The attacker exploited vulnerabilities in Cetus Protocol's smart contracts, manipulating price curves and reserve calculations using spoof tokens. This allowed them to extract real assets like SUI and USDC without depositing equivalent value .

Cetus Protocol said on X that it could pause $162 million of the stolen funds and efforts are underway to recover the remaining assets.

The attacker has already bridged a portion of the stolen funds to the Ethereum network, converting them into ETH.

The exploit has caused a lot of disruptions within the Sui ecosystem, leading to a sharp decline in the value of Sui-based tokens, including a 40% drop in the CETUS token.

Liquidity pools have been drained, and user confidence has been affected, prompting discussions about the security and decentralization of the Sui network.

As a result, Cetus Protocol has paused its smart contracts to prevent further losses and is collaborating with the Sui Foundation and other ecosystem participants to investigate the incident and recover funds .

Cetus Protocol is working with the Sui Foundation and other entities within the Sui ecosystem to recover the rest of the funds. 

The Sui Foundation has confirmed that validators are ignoring transactions from addresses associated with the stolen funds to mitigate further risks.