The decentralized alternate Cetus Protocol introduced that hackers have stolen $223 million in cryptocurrency and is providing a deal to cease all authorized motion if the funds are returned.
The challenge additionally introduced a $5 million bounty to anybody offering related data resulting in the identification and arrest of the attacker.
Cetus Protocol is a decentralized alternate (DEX) and liquidity protocol working on the Sui and Aptos blockchains.
It employs a Concentrated Liquidity Market Maker (CLMM) mannequin, permitting liquidity suppliers to allocate belongings inside particular value ranges, enhancing capital effectivity and enabling superior buying and selling methods.
Cetus Protocol boasts a complete buying and selling quantity of $57 billion (as of Might 2025), with over 15 million accounts executing 144 million trades on the platform.
The incident occurred yesterday, initially prompting Cetus Protocol to pause its good contract for investigations.
A couple of hours later, the challenge confirmed the theft and that “$162M of the compromised funds have been efficiently paused.”
.png)
In a later assertion, Cetus Protocol introduced that the hacker had exploited a weak package deal however no particulars have been disclosed.
“We recognized the foundation reason behind the exploit and, fastened the associated package deal, and knowledgeable ecosystem builders as quick as we might with assist from ecosystem members to forestall different groups being affected,” said Cetus Protocol.
Moreover, the platform famous that it has recognized the attacker’s Ethereum pockets handle and accounts, and is working with third events to hint and freeze funds. Legislation enforcement has additionally been knowledgeable.
Cetus Protocol additionally supplied the hacker “a time-sensitive whitehat settlement,” promising to not pursue authorized motion if the funds are returned. To place extra stress on the attacker, the challenge introduced a $5 million bounty for data resulting in the identification and the arrest of the hacker.
In the meantime, a major $162 million was paused on the Sui blockchain following an emergency vote by the validators.
Blockchain analytics firm Elliptic revealed a report based mostly on its visibility of the incident, pointing to a flaw within the automated market maker (AMM) logic, probably involving pool value manipulation enabling flash loan-style assaults.
The blockchain intelligence agency additionally gives an outline of the attacker’s fund motion makes an attempt, together with swaps from USDT to USDC and cross-chain motion from Go well with to Ethereum.
Supply: Elliptic
Elliptic is actively tracing the transactions from the preliminary exploit on Sui to the attacker’s wallets on Ethereum, and the hacker’s handle is flagged on all main exchanges and digital asset service suppliers, stopping laundering or switch makes an attempt.
Primarily based on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and defend in opposition to them.
