Cetus Protocol Offers $6 Million to Hacker Behind $223 Million Sui Exploit
Cetus Protocol, the biggest decentralized exchange on the Sui blockchain, is offering a $6 million reward to the hacker behind a $223 million exploit. The incident occurred on May 22.
In a follow-up statement, the Cetus team identified the hacker’s Ethereum wallet. They proposed a “whitehat settlement” to recover user funds. The hacker must return 20,920 ETH and all frozen Sui assets. In exchange, they can keep 2,324 ETH, worth about $6 million, and avoid legal action.
This offer is time-sensitive. If the funds are moved or mixed, the deal is off. Cetus is working with law enforcement, cybercrime experts, the Sui Foundation, and regulators like FinCEN and the U.S. Department of Defense. Inca Digital is leading the negotiations.
The breach exploited a vulnerability in Cetus’ pricing mechanism. The attacker used spoof tokens (fake assets with manipulated metadata) to inject small amounts of liquidity into trading pools. This distorted the pools’ internal accounting, allowing the hacker to withdraw large quantities of valuable tokens at incorrect exchange rates.
The attacker initially drained $11 million from an SUI/USDC pool. They then intensified the attack, bridging over $60 million to Ethereum and buying over 21,900 ETH. The Sui ecosystem suffered, with smaller tokens losing most of their value and the SUI token dropping up to 15%.
Cetus has paused smart contracts and is securing its platform. The incident raises questions about the security of DeFi protocols on newer chains like Sui and Aptos. Analysts warn that vulnerabilities in complex DeFi logic remain a risk.
For more details, check the official statement.