Cetus Protocol Suffers $230M DeFi Exploit

Cetus Protocol, a prominent decentralized exchange on the Sui blockchain, suffered a $230 million exploit due to an arithmetic overflow vulnerability on May 22, 2025.

The incident underscores ongoing security challenges in DeFi, prompting renewed focus on auditing and risk management practices. It pressures protocols to tighten defenses against vulnerabilities.

Cetus Protocol announced the breach and took swift action to lock contracts, preventing further theft. Collaborating with the Sui Foundation, they aim to recover approximately $68 million in unsecured funds. Immediate market reactions include decreased activity and tightened security measures.

“As of earlier today, we have confirmed that an attacker has stolen approximately $223M from Cetus Protocol. We have took immediate action to lock our contract preventing further theft of funds. $162M of the compromised funds have been successfully paused. We are working with the Sui Foundation and other ecosystem members right now on next-step solutions, with the goal of recovering the remaining stolen funds.” – Cetus Protocol

The exploit’s impact on the Sui ecosystem is extensive. Scallop, a lending platform, halted borrowing to manage risk, and the Haedal Protocol paused vault services. Many smaller dApps depending on Cetus for liquidity also suspended operations.

The exploit highlights vulnerabilities in smart contracts. Arithmetic overflow allows manipulation of values outside intended limits. Cetus Protocol’s priority remains fund recovery and strengthening security measures to prevent future breaches.

Regulatory attention may increase as authorities examine the security of DeFi platforms. Analysts suggest that protocols might invest more in security audits and risk management, following incident trends affecting crypto markets.