Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Briefly
- The attackers exploited vulnerability in smart contracts Cetus Protocol using Spoof tokens to manipulate prices and exhausting pools of liquidity at the highest decentralized SUI exchange.
- Popular sui tokens, including Lofi, Sudeng and Squirtle, fell 76-97% within an hour, while Cetus token itself dropped 53% because 46 sui tokens filled two-digit losses.
- The attacker has $ 164 million in Sui wallet and has already bridged $ 61.5 million to USDC Ethereum, and Cetus paused contracts and investigations, while the native Token Sui increased 2.2%.
Sui ecosystem exploited in the core of the network exploitation the largest decentralized exchange Cetus, which recorded $ 200 million stolen from the liquidity base.
Significant sui meme coins like lofi (Praise), A judge (HORSE), and stingy (SPURT) Placed 76%, 80%and 97%in just an hour. And popular Said Token dropped 53% in the same time frame. According to Dex Screener46 Sui Token in the last 24 hours made double -digit losses.
“The attacker used vulnerability in smart contracts Cetus Protocol, arranging the toes for Spoof to manipulate the prices and calculations of reserves,” Deddy Lavid, Executive Director and Co -founder of the Security Company Kiverssaid Decipher. “This allowed them to pull out the actual property from multiple liquidity pools, including the SUI/USDC pool. Stolen funds are converted to USDC and bridged into other chains.”
Peckshield estimates that the property is worth approximately $ 200 million stolen for this exploitation. The attacker currently has $ 164 million Sui wallet And there is tired of $ 61.5 million The value of USDC to Ethereum.
AND Sui A spokesman refused to comment on exploitation when he reached DecipherInstead, referring to what the team had already divided into X.
In response, Cetus paused his smart contracts to prevent further losses. The exchange has issued a Social Media Statement Stating that the “incident” was discovered and that his team explored him.
🚨alert announcement 🚨
In our protocol, an incident was discovered, and our smart contract was temporarily paused for safety. The team is currently investigating the incident. A statement of further investigation will be made soon. We are grateful for your patience.
– Cetus🐳 (@cetusProTocol) May 2, 2025
Leaked disagreement messages propose That the Cetus team believes that the exploitation came as a result of “bug” in his Oracle. It seemed to be users on social networks skeptical of this, but Cyvers said Decipher The aforementioned exploitation is called “Oracle’s manipulation attack.
This is because the attackers managed to manipulate Oracle to misunderstand the price through the hazardous tokens.
The attacker moved funds using USDC Stablecoin. Circle grabbed the flake of an industry expert, like Sleuth on the chain ZachxbtFor his dispute reaction in freezing haquets – taking more than five hours to block the funds associated with Nuybit hack in February.
(And for what is worth it, the USDT issuer had similar complaints for his Funds release procedure leaving a window to the attackers to avoid punishment.)
“We have repeatedly invited Stablecoin publishers to act on our real -time warnings, but many still decide to wait for investigations after Motte,” Lavid said. “The pattern is clear: the action is coming too late, if it comes at all. In this environment, the threat of the delay cannot be distinguished from inactivity.”
This situation is still developing with former Binance’s executive director Changpeng “CZ” Zhao claiming that his team does everything he can to help Sui.
“Not a comfortable situation,” he wrote on xearlier Twitter. “I hope everyone will stay safe!”
Surprisingly, the price of the exploitation was not too badly influenced by Suie’s price. Token actually rose 2.2% in the past 24 hours, according to Co ringecko.
Daily review Bulletin
Start every day with top news, plus original features, podcast, videos and more.
