Cetus Protocol, a decentralized exchange operating on the Sui blockchain, has experienced one of the largest attacks in its history. According to official statements, attackers exploited the system using fake tokens and manipulated price curves, extracting approximately $260 million worth of digital assets. The incident has shaken not only Cetus but the entire Sui DeFi ecosystem.
Structure of the Attack: Manipulation with Fake Tokens
Initial analysis shows that the attacker used fake tokens like BULLA to manipulate Cetus’s price curve calculations and reserve system. A low-value trade was conducted using the fake token, followed by a small liquidity addition that disrupted the protocol’s internal balance. As a result, real assets from the pools were drained and moved off the system.
During the attack, the following assets were transferred to the attacker’s wallet:
- $52 million worth of SUI
- $4.9 million in Haedal Staked SUI (HASUI)
- $19.5 million in Toilet (TOILET)
- $19.5 million in wrapped USDT (wUSDT)
Additionally, according to Extractor data developed by Hacken, the attacker bridged $63 million to Ethereum and transferred 20,000 ETH to a new wallet.
First Response from the Cetus Team: Smart Contracts Suspended
Immediately after the attack, the Cetus team announced that they had suspended smart contracts and paused the system for security reasons. Although the team described the incident as a “simple mistake,” this statement was met with backlash from the crypto community. A more detailed explanation is expected in the coming days.
Cetus’s native token CETUS dropped 40% within hours, and other ecosystem tokens also saw significant declines. Particularly, Sui-based memecoins like BULLA and MOJO suffered losses of over 90%.
Chain Reactions Across the Ecosystem
This attack has affected not only Cetus users but the broader Sui ecosystem. For example, Scallop, a Sui-based lending protocol, suspended all borrowing operations. Meanwhile, DEX trading volume surged from $320 million to $2.9 billion in 24 hours—indicating massive fund movement.
Several tokens collapsed completely following the attack:
- AXOLcoin lost 99.5% of its value
- LBTC dropped by more than 75%
Security Test for Sui and DeFi Protocols
This incident once again highlighted how serious the consequences of security vulnerabilities in DeFi ecosystems can be. The fact that Cetus was the largest DEX and liquidity provider on Sui has amplified the impact of the event.
On the other hand, the community and developer teams responded quickly. Binance founder CZ announced that they had offered assistance to Sui developers. Many projects have also decided to restart their security audits.
A detailed explanation from the Cetus team is expected to clarify the scope of the attack and how the damage will be addressed. However, the current situation reveals that users have suffered significant losses, and there are structural vulnerabilities in the system. Rebuilding trust will not be easy. In the coming period, not only Cetus’s but the entire Sui ecosystem’s response will be decisive.
This development stands as a critical case study for the decentralized finance world and should be monitored closely.
