Cetus Protocol, the largest decentralized exchange on the Sui blockchain, is offering a $6 million bounty for information about the hacker behind a $223 million exploit that occurred on May 22.
Details of the Hack
The exploit at Cetus Protocol occurred due to a vulnerability in its pricing mechanism, affecting its concentrated liquidity market maker pools. The attacker used spoof tokens to inject tiny amounts of liquidity into trading pools, enabling the withdrawal of substantial quantities of valuable tokens at incorrect exchange rates.
Offer for Fund Recovery
The Cetus team confirmed the identification of the hacker's wallet and offered a 'whitehat settlement' to recover user funds. The hacker is required to return 20,920 ETH and all frozen assets on Sui in exchange for keeping 2,324 ETH, worth approximately $6 million, and immunity from legal action. Cetus emphasizes that this offer is time-sensitive.
Market Impact and Future of DeFi
The exploit severely impacted the Sui ecosystem, with smaller tokens like AXOL and HIPPO losing almost all their value, while the SUI token dropped by as much as 15%. CETUS fell by 20–33%. Users rushed to withdraw funds, leading to a surge in trading volumes. This incident raises concerns about the security of DeFi protocols on newer chains.
The incident with Cetus Protocol highlights the risks associated with DeFi on newer platforms like Sui and Aptos. Despite innovation, vulnerabilities in DeFi logic remain an ongoing threat.
