- Cetus Protocol, the largest DEX on the Sui blockchain, was exploited for $223 million through a spoof token attack that manipulated its pricing system.
- The team has offered the hacker a $6 million bounty and legal immunity to recover the stolen assets.

In a chilling reminder of the fragility of decentralized finance, Cetus Protocol, the leading decentralized exchange (DEX) on the Sui blockchain, suffered a staggering $223 million exploit on May 22. The attack, which exploited a loophole in the protocol’s pricing mechanism, has left the DeFi community reeling—and the Cetus team scrambling.

The attack leveraged a sophisticated spoof token scheme, deploying fake or low-value tokens with manipulated metadata to distort the protocol’s internal accounting. By injecting minimal liquidity and executing precisely timed flash swaps, the hacker was able to siphon off massive amounts of legitimate tokens like SUI and USDC at erroneous exchange rates.
Initial losses from the SUI/USDC liquidity pool totaled $11 million, but the theft quickly snowballed. The attacker moved over $60 million to Ethereum and now controls more than 21,900 ETH along with substantial holdings in SUI and various stablecoins.
In a dramatic bid to recover the funds, Cetus has issued an on-chain message to the attacker, offering a whitehat settlement: return the assets and walk away with $6 million in ETH, no legal consequences attached. The deal, however, comes with a caveat—the funds must remain unlaundered.
With the hacker’s Ethereum wallet identified, Cetus is coordinating efforts with law enforcement, the Sui Foundation, FinCEN, and even the U.S. Department of Defense. Cybersecurity firm Inca Digital is leading the negotiations.
Although the protocol had passed recent security audits, this exploit has spotlighted the risks inherent in DeFi platforms, especially those built on newer blockchains like Sui and Aptos. The attack stemmed not from a simple coding flaw but from the exploitation of economic mechanisms that traditional scans failed to catch.
The fallout has been swift: SUI plunged by 15%, and smaller ecosystem tokens like AXOL, HIPPO, and SQUIRT nosedived. CETUS, the native token of the protocol, dropped up to 33%. In response, the platform has paused all smart contracts as panic-driven trades surged.
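
The pattern described above (look-alike token metadata, minimal liquidity, swaps at erroneous rates) is the kind of economic condition a pre-trade screen can check. The following is an added example, not Cetus code. The type identifiers, reference prices and thresholds are constructed, and the quote assumes a simple constant-product pool.

```python
from dataclasses import dataclass

# Constructed sample data: type identifiers, prices and thresholds are hypothetical.
TRUSTED_TYPES = {"0xaaa::usdc::USDC": "USDC", "0xbbb::sui::SUI": "SUI"}
REFERENCE_USD = {"0xaaa::usdc::USDC": 1.00, "0xbbb::sui::SUI": 4.00}
MIN_DEPTH_USD = 50_000   # reject pools thinner than this on either side
MAX_DEVIATION = 0.02     # reject quotes more than 2% off the reference rate

@dataclass
class Pool:
    type_a: str      # full on-chain type of token A (its real identity)
    type_b: str
    symbol_a: str    # display metadata, freely chosen by whoever created the token
    symbol_b: str
    reserve_a: float
    reserve_b: float

def screen_swap(pool: Pool, amount_in_a: float) -> list:
    """Return reasons to reject swapping amount_in_a of A for B (empty list = pass)."""
    reasons = []
    for typ, sym in ((pool.type_a, pool.symbol_a), (pool.type_b, pool.symbol_b)):
        if typ not in TRUSTED_TYPES:
            # Identity comes from the type, never from the symbol string.
            kind = "spoofed" if sym in TRUSTED_TYPES.values() else "unlisted"
            reasons.append(f"{kind} token {typ}")
    if reasons:
        return reasons  # no reference price exists for unknown tokens
    price_a, price_b = REFERENCE_USD[pool.type_a], REFERENCE_USD[pool.type_b]
    depth = min(pool.reserve_a * price_a, pool.reserve_b * price_b)
    if depth < MIN_DEPTH_USD:
        reasons.append(f"thin liquidity: ${depth:,.0f}")
    # Constant-product quote (x*y=k), fees ignored: B received for amount_in_a of A.
    out_b = pool.reserve_b * amount_in_a / (pool.reserve_a + amount_in_a)
    quoted = out_b / amount_in_a   # B per A the pool would actually pay
    fair = price_a / price_b       # B per A at reference prices
    deviation = abs(quoted - fair) / fair
    if deviation > MAX_DEVIATION:
        reasons.append(f"rate off reference by {deviation:.0%}")
    return reasons
```

An empty result means the swap passed all three checks. A pool whose token merely displays a trusted symbol is rejected before any price is computed.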