The Sui blockchain has come under intense scrutiny following a major security incident involving Cetus Protocol, a decentralized exchange and automated market maker native to the network.
On May 22 (today), over $260 million in digital assets were siphoned from various liquidity pools in what has become one of the largest exploits on the Sui chain to date.
Initial reports of the exploit began circulating online early Wednesday, with on-chain observers identifying suspicious “RemoveAndLiquidity” transactions executed across multiple Cetus pools.
The attacker subsequently bridged $60 million in USDC to Ethereum and converted the stolen assets into approximately 21,938 ETH, according to blockchain analytics.
The exploit rapidly impacted the network's liquidity, especially among volatile tokens such as memecoins, which saw steep declines in value.
Fallout for the Sui DeFi Ecosystem and Market Impact
The consequences of the Cetus exploit rippled throughout the Sui ecosystem. Tokens tied to affected liquidity pools, especially those associated with meme tokens, experienced price crashes of up to 80%.
The market cap of $SUI itself declined to approximately $48 million, while its price dropped by over 7% to $3.80. DeFi trading on the protocol stalled, with users reporting failed swaps and limited ability to exit positions, leaving many retail participants exposed to heavy losses.
Cetus Protocol responded by pausing its smart contracts and issuing a temporary halt to trading. The Sui Foundation acknowledged the breach and confirmed its involvement in mitigation efforts.
While specific details on the exploit’s technical root remain under investigation, members of the Sui community have speculated that the attack may have stemmed from a vulnerability in oracle data feeds.
Oracles, often used to transmit real-world pricing data to blockchain smart contracts, can become single points of failure if improperly implemented or manipulated.
Broader Implications for DeFi Security and Response
The incident has reignited debate around DeFi protocol security, particularly for newer Layer-1 chains like Sui.
Although designed for high-speed and low-fee transactions, the rapid expansion of Sui’s DeFi footprint, including memecoins and new liquidity mechanisms like those used by Cetus, may have introduced untested risks.
Cetus uses a concentrated liquidity model similar to Uniswap v3, which optimizes capital efficiency but also increases complexity in risk management.
Major industry voices have weighed in. Binance CEO Changpeng Zhao wrote on X that they are doing what they can to help SUI, while community sentiment remains mixed.
Several users have raised concerns about the lack of transparency in DeFi security audits and the long-term viability of protocols operating in aggressive growth cycles without strong oversight.
For users affected by the Cetus exploit, questions remain regarding restitution and compensation. According to data from Coinglass, liquidations spiked as traders scrambled to exit positions. Roughly $12.59 million is accounted for from SUI out of the $523 million total liquidations in the crypto market.
