In the early hours of 28/05/2025, Cetus Protocol, the leading AMM DEX platform in the Sui ecosystem, announced a plan to borrow funds from the Sui Foundation to compensate 100% of the losses to users after the hack causing a loss of 223 million USD on 22/05/2025. While awaiting the community vote to unlock 160 million USD of frozen assets, this move has helped the CETUS price increase by 30%, reaching 0.12 USD (CoinMarketCap). The article summarizes the details of the hack, remediation plans, impact on the DeFi market, and lessons for investors.
Details of the hack and damage
On 22/05/2025, #CetusProtocol was attacked by hackers due to a numerical overflow error in the liquidity calculation function, leading to the depletion of liquidity in many trading pools. As a result, the prices of many tokens dropped by 80–90% within hours, causing damage:
Total damage: 223 million USD, including:
60 million USD: Transferred to Ethereum, difficult to recover.
160 million USD: Frozen on the Sui network, awaiting processing.
Cause: Programming error in the smart contract, allowing hackers to exploit the vulnerability.
Cetus has negotiated with the hacker to recover 60 million USD on Ethereum but was unsuccessful, forcing the project to seek alternative solutions. According to Chainalysis (2024), 70% of DeFi hacks stem from smart contract errors, with global losses of 3.7 billion USD. The Cetus hack has stirred the Sui community, which currently has 1.2 million users and a trading volume of 500 million USD/month (Statista, 2025).
Compensation plan and voting
In the announcement on 27/05/2025, #Cetus committed to compensating 100% by:
Use of funds: Mobilize all remaining resources of the project.
Borrowing from Sui Foundation: A 'hot' loan to cover 60 million USD lost on Ethereum.
Awaiting asset unlock: Community motion to unlock 160 million USD frozen on Sui.
The vote, taking place from 03:00 AM on 28/05 to 03:00 AM on 04/06/2025, will decide on unlocking 160 million USD. Approval required:
Over 50% of the total SUI staking volume participates (excluding abstentions).
The support rate is higher than opposition. As of 28/05/2025, 23/114 Sui validators have voted, with 100% in favor. If successful, the funds will be returned directly to affected users, helping Cetus restore trust.
Impact on the DeFi market
The hack and Cetus's compensation plan have a significant impact:
CETUS price: Increased by 30% to 0.12 USD after the announcement, indicating restored confidence (CoinMarketCap).
Sui ecosystem: SUI price stabilized at 1.85 USD, but cautious sentiment remains (CoinMarketCap).
DeFi trends: The incident raised concerns about smart contract security. According to CertiK (2024), 1.2 billion USD was lost due to DeFi hacks in 2024. However, TradingShot predicts that SUI could reach 2.50 USD by Q4/2025 if Cetus successfully resolves the issues.
Investor confidence: The commitment to compensate 100% is a positive signal, but long-term risks remain if similar errors recur.
Risks to consider
Technical errors: Un-audited smart contracts may be exploited further.
Liquidity risk: Borrowing from #SuiFoundation increases debt, affecting Cetus's long-term finances.
Vote failure: If the community does not approve unlocking 160 million USD, the compensation plan may collapse.
Market sentiment: Price volatility of CETUS and SUI may cause FOMO or panic.
Lessons for investors
The Cetus hack brings important lessons:
Project review: Only invest in DeFi with smart contracts audited by Consensys or Trail of Bits.
Portfolio diversification: Combine SUI, CETUS with stablecoins (USDT, USDC) to reduce risks, as recommended by CoinMarketCap.
Follow the community: Update Sui voting results via Coin68 or Sui Explorer.
Wallet security: Use cold wallets (Ledger, Trezor) and 2FA to protect against misconduct such as hacking.
Risk warning
Investing in Cetus, Sui, and DeFi carries high risks due to price volatility, technical errors, and hacking. The Cetus hack illustrates that security vulnerabilities can cause significant damage. Investors need to protect their wallets against misconduct such as exploiting vulnerabilities and conduct thorough research (DYOR). The information in this article is for reference only and is not investment advice.