According to ChainCatcher, on May 22, Cetus encountered a smart contract attack targeting the CLMM liquidity pool. The attacker exploited a vulnerability in an open-source library to depress the pool price and extract assets. Cetus has taken measures to mitigate the impact.
With the support of most Sui validation nodes, Cetus has urgently frozen two Sui wallet addresses of the attacker. The remaining funds have been exchanged and cross-chain transferred to the Ethereum mainnet.
Cetus is cooperating with the Sui security team and auditing agencies to review the contract, ensuring safe recovery services. Cetus will strengthen monitoring, initiate additional audits, and release security reports, as well as develop recovery plans to compensate affected LPs.
