The SUI ecosystem has swayed to its heart by leveraging the network’s largest decentralized exchange Cetus, where $200 million was stolen from the liquidity pool.
Notable SUI meme coins like Lofi (Lofi), Sudeng (Hippo), and Squirtle (Squirt) tanked 76%, 80% and 97% in just an hour. And the popular Cetus Token dropped 53% in the same time frame. According to Dex Screener, the 46 Sui Tokens have suffered double-digit losses over the last 24 hours.
“The attackers exploited the vulnerability of Cetus Protocol’s smart contracts by deploying Spoof Token to manipulate price curves and booking calculations,” said Deddy Lavid, CEO and co-founder of security company Cyvers. Decryption. “This allowed us to extract real assets from multiple liquidity pools, including SUI/USDC pools. The stolen funds have been converted to USDC and are bridged to other chains.”
Peckshield estimates that around $200 million worth of assets have been stolen due to the exploit. The attacker is currently sitting at $164 million in his SUI wallet, burying USDC worth $61.5 million in Ethereum.
A SUI spokesman declined to comment on the exploit when it reached Decryptioninstead, see what the team already shared publicly in X.
In response, Cetus suspended the smart contract to prevent further losses. The exchange has issued a social media statement indicating that an “incident” has been detected and that the team is investigating it.
Alert Announcement 🚨
Incidents were detected in our protocol and our smart contract was temporarily suspended for safety. The team is currently investigating the incident. A further investigation statement will be made soon. We appreciate your patience.
– Cetus🐳 (@cetusprotocol) May 22, 2025
The leaked inconsistency message suggests that the Cetus team believes that the exploit was born as a result of the oracle’s “bug.” Social media users seemed skeptical of this, but Cyvers said Decryption The aforementioned exploit is called an “oracle manipulation attack.”
This is because the attacker could manipulate the Oracle to misrepresent the price via the deployed spoofing token.
The attacker is using USDC Stablecoin to move funds. The Circle caught Flak from industry experts like On-Chain Thruce Zachxbt due to the slow response of frozen funds related to hacking.
(And because it’s worth it, USDT issuer Tether has similar complaints about the fund’s release process where attackers leave windows to avoid punishment.)
“We have repeatedly urged Stablecoin publishers to act on real-time alerts, but many people have chosen to wait for posthumous investigations,” says Lavid. “The pattern is clear. It’s too slow for action.
Circle sleeps knowing another 9fig hack is going on, hackers are bridging all $usdc https://t.co/qexbubwhhg pic.twitter.com/h7qfbhtzjk
-wazz (@wazzcrypto) May 22, 2025
This situation is still developing, along with former Vinance CEO Changpeng “CZ” Zhao, claiming his team is doing what they can to help SUI.
“It’s not a comfortable situation,” he wrote on his previous Twitter account, X. “I hope everyone is with Safu!”
Surprisingly, the price of the SUI has not been so badly affected by news of abuse. According to Coingecko, tokens have actually risen 2.2% over the past 24 hours.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
