In the early hours of today, the largest liquidity provision protocol on the Sui network, Cetus Protocol, suffered a severe security attack.
This attack resulted in over 260 million dollars in losses, triggering multiple $SUI ecosystem tokens to plummet over 80% within an hour, plunging the entire community into panic.
Here are the timeline of events and your asset safety guide 👇
1. Event review: How did the hacker carry out the attack?
📉 The hacker controlled multiple trading pools based on SUI on Cetus and quickly extracted liquidity.
💸 Some token pairs' liquidity pools have almost been emptied, with the USDC/SUI pool losing over 11 million dollars.
💱 The stolen assets were subsequently exchanged for $USDC and transferred to Ethereum via a cross-chain bridge.
⏱ The hacker has transferred more than 60 million USDC within the first hour after the attack.
This incident caused dozens of SUI ecosystem tokens to flash crash in price, resulting in substantial losses for many traders without any warning.
2. The Cetus team's response sparked controversy.
At the beginning of the incident, Cetus Protocol issued an emergency announcement on Discord, denying that it had been attacked and claiming it was due to 'oracle failure':
"Please stay calm, the team is fixing it, we detected an anomaly with the oracle, it was not a hack."
However, on-chain data clearly shows that a large amount of funds has been transferred out across chains, with obvious signs of liquidation, leading the community to widely question the concealment of the truth.
Currently, the project team has initiated an emergency response and stated that they are collaborating with Mysten Labs (the SUI developer) to investigate and fix the issue.
3. Does this mean the SUI network itself has been breached?
Clear answer: No.
The security vulnerability of this attack originated from the third-party DEX protocol Cetus, and the underlying Sui network itself was not compromised.
This is like Curve or SushiSwap on the Ethereum mainnet being attacked, which does not mean Ethereum itself is unsafe.
However, due to Cetus's dominant position in the SUI ecosystem, this incident has had a severe impact on the entire ecosystem, and market confidence will be tested in the short term.
4. How to protect your assets? Be sure to remember these five points:
1️⃣ Immediately withdraw all your liquidity or collateral assets on Cetus to prevent secondary losses.
2️⃣ If you have authorized wallet access to Cetus, revoke the authorization as soon as possible to prevent potential abuse of permissions.
3️⃣ Avoid cutting losses or selling low liquidity tokens during the current market panic; consider observing and assessing stop-loss options.
4️⃣ Pay attention to official channel announcements and do not easily believe in FUD (Fear, Uncertainty, Doubt).
5️⃣ On-chain monitoring tools like DeBank and RevokeCash can be used for risk assessment.
5. A few judgments about future impacts:
🔎 In the short term, there may be capital outflow from the SUI ecosystem, with users increasing their risk-averse sentiments.
🔄 Other DEXs or lending protocols may become new liquidity hubs, forming an internal rebalancing within the ecosystem.
🧑💻 Security audit standards will be further strengthened, and future DeFi protocols will increase their reconstruction of oracle and permission control modules.
💡 This incident also reminds project teams: while pursuing high performance and rapid iteration, security is always the top priority in Web3.
Conclusion: Face black swan events rationally, and security always comes first.
The attack on Cetus Protocol sounds the alarm again—just because you are using a 'popular project' does not mean it is safe.
This is not a problem with the SUI network itself, but rather the result of third-party protocol security governance failing to keep pace with the volume of funds in the ecosystem's development.
As a user, you cannot completely avoid black swan events, but you can reduce exposure in daily operations.
✅ Use high TVL protocols cautiously.
✅ Control the concentration of assets in a single address.
✅ Regularly revoke authorizations.
✅ Keep an eye on project contract upgrade dynamics.
✅ Use multi-signature and on-chain alert systems to enhance proactive protection capabilities.
Web3 is always a high-risk, high-reward world, and only by learning risk control can one truly navigate bull and bear markets.
