Cetus Protocol offers hacker $6M bounty after $223M exploit
Cetus Protocol, the largest decentralized exchange on the Sui blockchain, is offering a $6 million bounty to the hacker behind a massive $223 million exploit that occurred on May 22.
In a May 22 follow-up statement accompanied by an on-chain message, the Cetus team confirmed that it had identified the attacker’s Ethereum wallet and had offered a “whitehat settlement” to recover user funds. The hacker is asked to return 20,920 ETH and all the frozen assets on Sui (SUI) in exchange for keeping 2,324 Ethereum (ETH), worth around $6 million, and immunity from legal action.
Cetus said the offer is time-sensitive and that the deal is void if the funds are off-ramped or mixed. The team is coordinating with law enforcement, cybercrime specialists, the Sui Foundation and regulators, notably FinCEN and the U.S. Department of Defense. Inca Digital, a cybersecurity company, is leading the negotiation efforts.
📜 Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.
Since taking the actions indicated in our previous announcement, we have also done the following:
1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD
— Cetus🐳 (@CetusProtocol) May 22, 2025
The exploit abused a vulnerability in Cetus's pricing mechanism and affected its concentrated liquidity market maker pools. The attacker used spoof tokens, which are fake or low-value assets with manipulated metadata, to inject tiny amounts of liquidity into trading pools.
Because this distorted the pools' internal accounting, the hacker was able to withdraw substantial quantities of valuable tokens, such as SUI and USD Coin (USDC), at incorrect exchange rates.
The attacker tricked the system into believing that the pools were balanced by carefully combining these spoof token deposits with complex flash swaps and price manipulation. As a result, they were able to drain substantial assets without providing equivalent value.
Cetus had reportedly undergone recent security audits before the hack. However, by exploiting the internal pricing logic and economic assumptions rather than simple code errors, the attacker’s method evaded typical vulnerability scans.
After initially draining $11 million from a SUI/USDC pool, the attacker quickly escalated the attack. They bridged more than $60 million in stolen funds to Ethereum and bought more than 21,900 ETH. They currently hold millions of SUI, ETH and stablecoins in their wallets.
The Sui ecosystem was seriously damaged by the exploit. Smaller tokens like Axol, Hippo and Squirt lost almost all of their value, while the SUI token dropped as much as 15%. CETUS, the Cetus token, fell 20 to 33%. Trading volumes spiked as users rushed to withdraw funds.
Cetus paused its smart contracts after the hack and is working to secure its platform. The incident raises questions about the security of DeFi protocols on newer chains like Sui and Aptos (APT). Although these ecosystems offer innovation, analysts warn that vulnerabilities in complex DeFi logic remain a persistent risk.