Cetus Protocol, one of the top decentralized exchanges (DEXs) on the Sui blockchain, is back online after suffering a $223 million exploit that forced a full service suspension for over two weeks. Following extensive community-led remediation, funding support, and emergency security audits, the platform has resumed operations—but not without scars.
What Happened: The $223M Exploit
On May 22, 2025, Cetus fell victim to a smart contract vulnerability in its shared math library. According to cybersecurity firm SlowMist, the issue was tied to an integer overflow bug that allowed attackers to manipulate token calculations and drain funds from liquidity pools.
Approximately $223 million worth of tokens were siphoned off, prompting an immediate shutdown of all operations, freezing of smart contracts, and emergency investigations.
Price Reaction and TVL Drop
The attack triggered major fluctuations in both Cetus’ native token CETUS and the broader Sui ecosystem. Here’s how prices and TVL shifted:
SUI Price Impact Table
| Asset | Pre-Exploit Price | Post-Exploit Low | Recovery Level (as of June 10) |
|---|---|---|---|
| CETUS Token | $0.187 | $0.126 (-32.6%) | $0.154 (18% below pre-hack) |
| SUI Token | $1.43 | $1.27 (-11.1%) | $1.33 (down 7%) |
| TVL on Cetus | $284M | $124M | $239M (84% restored) |
Cetus, in coordination with the Sui Foundation, initiated a multi-phase recovery plan:
$162 million of stolen assets were successfully frozen and later returned with the help of Sui validators.
The Sui Foundation issued a $30 million USDC emergency loan, bolstered by $7 million from Cetus’ treasury to replenish lost liquidity.
Smart contracts were patched and re-audited by OtterSec, while governance voting allowed recovered funds to be returned to affected pools via multisig wallets.
Additionally, Cetus announced:
A 15% CETUS token allocation for user compensation (5% immediate, 10% vesting over 12 months).
A $6 million white-hat bounty for information leading to the attacker.
Legal proceedings against unknown parties now underway across multiple jurisdictions.
Platform Relaunch and Liquidity Status
As of June 10, Cetus has restored between 85% and 99% of its pre-hack liquidity across most pools. Trading resumed with full user access, and within 24 hours of reopening, Cetus once again ranked among the top 10 DEXs on the Sui network by volume.
Despite this, CETUS token prices remain about 18% below pre-hack levels, reflecting cautious optimism in the market.
Ecosystem Reactions and Broader Risks
Industry leaders praised the speed and coordination of Cetus’ response. Still, analysts warn that library-level vulnerabilities, like the one exploited here—are a systemic issue in smart contract ecosystems.
“This was not just a Cetus failure,” said DeFi researcher Angela Ko from Blocksec. “It’s a wake-up call for all projects reusing libraries without rigorous, ongoing audits.”
Key Takeaways
Library-level vulnerabilities are a systemic threat in smart contract design, this exploit highlights a critical industry-wide pain point.
Rapid multi-vector response—validators freezing funds, community governance, and lender support—was vital in stabilizing the protocol.
User compensation blends on-chain dollars and token allocation, signaling a shift away from all-cash remediation strategies.
Governance and transparency—open-source commitments, audits, and bounties, will be key to rebuilding and enhancing trust.
What Comes Next?
Cetus has outlined a forward-looking roadmap to restore full user confidence:
Open-sourcing key components of the DEX for community review.
Enhancing real-time monitoring and security dashboards.
Continuing bug bounty programs to incentivize white-hat contributions.
Launching a community compensation dashboard for transparent fund tracking.
These steps aim to position Cetus as not just a recovered protocol, but a model for post-hack resilience in DeFi.
Conclusion
The Cetus exploit was one of the largest DeFi breaches of 2025, but the swift and transparent recovery has drawn praise from developers, investors, and users alike. With enhanced security, community governance, and a commitment to open-source architecture, Cetus is working to turn crisis into opportunity.
However, the incident also raises larger questions: how secure are smart contract libraries, and how can the DeFi industry proactively mitigate shared risk?
Frequently Asked Questions (FAQs)
What caused the $223 million hack on Cetus?
The exploit was caused by a vulnerability in Cetus’ shared math library—a type of integer overflow bug that let attackers manipulate token calculations to drain liquidity pools.
How much of the stolen funds were recovered?
Roughly $162 million of the stolen funds were frozen and returned with the help of Sui validators, while the remaining losses are being addressed through token compensation and legal action.
How are users being compensated?
Cetus allocated 15% of the CETUS token supply for user compensation—5% distributed immediately and 10% to be vested over the next 12 months.
Is Cetus safe to use again?
Cetus has relaunched with audited smart contracts, restored liquidity (85–99% recovery), and new real-time security monitoring. While trust is rebuilding, caution and due diligence are still advised.
Glossary of Key Terms
Cetus Protocol: A decentralized exchange (DEX) built on the Sui blockchain, enabling token swaps, liquidity pools, and DeFi trading.
Sui Blockchain: A high-performance layer-1 blockchain designed for scalability and fast transaction speeds, known for hosting emerging DeFi platforms.
DEX (Decentralized Exchange): A peer-to-peer crypto trading platform that operates without a central authority or intermediary.
Integer Overflow Bug: A coding vulnerability where calculations exceed storage limits, often used by hackers to manipulate smart contracts.
Liquidity Pool: A collection of tokens locked in a smart contract to enable trading on decentralized exchanges.
TVL (Total Value Locked): A metric representing the total capital held in DeFi protocols, including staked or locked tokens.
CETUS Token: The native token of the Cetus Protocol, used for governance, liquidity incentives, and user rewards.
Multisig Wallet: A type of digital wallet that requires multiple private keys to authorize a transaction, often used for added security.
Sources and References
The price predictions and financial analysis presented on this website are for informational purposes only and do not constitute financial, investment, or trading advice. While we strive to provide accurate and up-to-date information, the volatile nature of cryptocurrency markets means that prices can fluctuate significantly and unpredictably.
You should conduct your own research and consult with a qualified financial advisor before making any investment decisions. The Bit Journal does not guarantee the accuracy, completeness, or reliability of any information provided in the price predictions, and we will not be held liable for any losses incurred as a result of relying on this information.
Investing in cryptocurrencies carries risks, including the risk of significant losses. Always invest responsibly and within your means.
For advertising inquiries, please email . [email protected] or Telegram
