The hacker exploited the cetus flash_swap function. Due to issues with the price calculation on cetus, the hacker manipulated the price, draining a significant amount of liquidity from the pools.

Written by: ExVul Security

On May 22, 2025, at 10:44:35 +UTC, SUI liquidity provider Cetus Protocol was allegedly attacked by hackers, resulting in losses exceeding $212 million, with most cryptocurrencies dropping over 70%.

Hacker address:

https://suivision.xyz/account/0xe28b50cef1d633ea43d3296a3f6b67ff0312a5f1a99f0af753c85b8b5de8ff06

Attack TX:

https://suivision.xyz/txblock/CZ6o96UDHUt2fvqj7ScRtSSV875HDvNV6qk6nYbHJB6m?tab=Overview

Reason for theft:

The hacker exploited the cetus flash_swap function. Due to issues with the price calculation on cetus, the hacker manipulated the price, draining a significant amount of liquidity from the pools.

Currently, a large amount of funds has been transferred to the ETH chain via cross-chain bridges, with $cetushacker on $suibridged 60m to ETH so far and bought $ETH with it, wallet - https://debank.com/profile/0x89012a55cd6b88e407c9d4ae9b3425f55924919b

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。