Cetus Protocol was rising fast in the decentralized finance (DeFi) world, offering cutting-edge trading capabilities and concentrated liquidity on Sui and Aptos blockchains. But a massive exploit recently changed everything. Here’s what Cetus is, how it worked, and the full breakdown of the security breach that shook the ecosystem.
What is Cetus Protocol and why was it gaining traction?
Cetus Protocol is a decentralized exchange (DEX) built for next-gen DeFi users. It uses a concentrated liquidity market maker (CLMM) model—similar to Uniswap v3—allowing liquidity providers to deploy capital within narrower price ranges for more efficient trading. This approach attracted developers and yield farmers due to high capital efficiency and flexibility.
It supports features like multi-hop routing, limit and DCA orders, and smart trade execution. With dual tokens (CETUS and xCETUS), users could earn, stake, and participate in governance. Cetus also introduced LaaS—Liquidity-as-a-Service—allowing other dApps to tap into its liquidity layer for vaults, leveraged products, and more.
How did the Cetus exploit unfold and what was stolen?
On May 22. 2025. Cetus Protocol confirmed one of the biggest DeFi breaches of the year. An attacker deployed spoof tokens to trick Cetus’ smart contracts into miscalculating reserves and prices. Over $200 million—possibly up to $260 million—was drained from liquidity pools.
The attack caused cascading effects:
CETUS token dropped over 40% in hours.
Trading volumes across Sui ecosystem tokens tumbled.
The protocol’s contracts were paused.
The attacker swapped assets to USDC, bridged them to Ethereum, and further converted them to ETH, making traceability harder.
What’s the latest from Cetus and its partners?
Cetus and the Sui Foundation moved quickly to freeze over $162 million in assets. They've partnered with forensic experts, anti-cybercrime units, and firms like Inca Digital to trace funds. A $5 million bounty is now on the table for information leading to the attacker’s arrest.
The team claims the vulnerability has been patched and is working to restore trust, including advising other Sui-based protocols to implement new security checks.
Conclusion:
Cetus Protocol’s innovative features made it a DeFi standout—but this exploit underscores the importance of rigorous audits and real-time monitoring. The coming weeks will reveal whether Cetus can rebuild trust and regain its momentum.
