crypto.news

Sui-Based Cetus Protocol Suspends After $223M Oracle Exploit

By Kevin GiorginJune 6, 2025 at 09:45 AM GMT+2Edited by Josh Sielstad

Cetus Protocol, a leading automated market maker (AMM) on the Sui blockchain, abruptly suspended all operations on June 6 after an oracle manipulation exploit drained approximately $223 million in assets. The incident, one of the largest DeFi hacks of 2025, underscores critical vulnerabilities in cross-chain price feeds and has rattled Sui’s rapidly growing ecosystem.

Exploit Summary

Early this morning, attackers exploited a misconfiguration in Cetus’s oracle integration, feeding false price data that artificially inflated asset valuations. By swapping low-value tokens against inflated pools, they extracted 223 million before on-chain monitors triggered an emergency halt. Wormhole-based stablecoin pools, including USDC-SUI and USDT-SUI, bore the brunt, losing 60% of their combined TVL.

Impact on TVL

Prior to the exploit, Cetus Protocol had amassed a TVL of $310 million, making it Sui’s second-largest DeFi platform. Within hours, TVL plunged to $87 million, as liquidity providers withdrew funds and on-chain arbitrageurs burned manipulated LP tokens. On-chain analytics from DefiLlama confirm a net outflow of $163 million between 06:00 and 08:00 GMT+2.

Protocol Response

Cetus’s core team announced a full suspension of smart contracts and initiated an on-chain governance vote to approve emergency patches. “We are working with security auditors and the Sui Foundation to roll back affected blocks and restore legitimate balances,” said lead developer Maria Chen. A proposed patch aims to replace the compromised oracle adapter within 48 hours.

Meanwhile, Cetus has set up a compensation fund targeting 30% of losses, sourced from protocol reserves and community grants. Eligible liquidity providers will submit proof-of-loss claims for partial reimbursement once governance passes.

Broader Concerns

The hack reignites debate over oracle security in DeFi. Sui’s native oracles, while fast and low-cost, lack the decentralized robustness of Chainlink or Band Protocol. “Single-source oracles are a single point of failure,” warns blockchain researcher Alexei Dobrov. Cross-chain oracle bridges further compound risk, as seen in prior exploits on Fantom and Avalanche.

Investor confidence in Sui-based DeFi has taken a hit: on-chain sentiment metrics from Santiment show a 40% drop in positive mentions of “Cetus” and “Sui AMM” over the past 24 hours.

Outlook

Restoration hinges on successful governance and a secure oracle overhaul. If the community backs the rollback, Cetus could resume operations within a week, though TVL is unlikely to fully recover without stronger security assurances. Meanwhile, Sui’s broader DeFi ecosystem may pivot toward multi-oracle solutions and heightened audit requirements.

As DeFi platforms chase rapid growth, this exploit serves as a stark reminder: robust oracle design and decentralized price feeds are non-negotiable in safeguarding user funds and sustaining long-term network credibility.

You might also like:

$BC Token Soars 87% After Daily Rebate Program Launch
Disclosure: This article does not represent investment advice. The content and materials featured on this page are for educational purposes only.