7 December 2025
The world of crypto is once again gripped by a shocking event. The largest decentralized exchange platform on the Sui network, Cetus Protocol, has fallen victim to a major hack that saw a whopping $200 million stolen from liquidity pools. This exploit has turned the entire Sui ecosystem upside down, causing popular tokens such as Lofi, Sudeng, and Squirtle to plummet by 76%, 80%, and even 97% in value in just an hour. Not a pretty sight to behold!
Hackers cleverly exploited vulnerabilities within Cetus Protocol’s smart contracts. By deploying so-called ‘spoof tokens’, they were able to manipulate the price calculations and thus plunder the contents of the liquidity pools. Control over the real assets in multiple liquidity pools, including that of SUI/USDC, was therefore easily obtained. It is worrying to hear that the attacker now has $164 million in a Sui wallet and has transferred $61,5 million in USDC to Ethereum.
The market reaction was fierce. The Cetus token dropped by 53% and a whopping 46 other Sui tokens also saw their value plummet by double digits. Despite the chaos and fear, Sui’s native token seems to be holding up remarkably well, with a 2,2% increase in value. How is that possible?
In light of this setback, Cetus has temporarily paused its smart contracts to prevent further damage. In a social media post, the team said they were investigating the situation. “We have detected an incident and are conducting a thorough analysis,” they said. That sounds like a smart move, but the question remains: will such preventive measures be enough in the future?
There is much speculation about the cause of the hack. An anonymous source within the Cetus community suggests that a “bug” in their oracle formed the basis for this attack. Deddy Lavid, CEO of security firm Cyvers, confirms that this was an “oracle manipulation attack,” where the attackers took advantage of the ability to falsify the price via their spoof tokens.
The call for faster and more effective responses to such incidents is growing. The role of stablecoin issuers such as Circle also comes into play here; they are often accused of reacting too slowly to the actions of hackers. It is a problem that cannot be ignored, especially not at a time when the digital economy seems increasingly vulnerable.
Disturbing are the recent words of Changpeng Zhao, former CEO of Binance, who hoped that everyone will stay safe in these uncertain times. Let us not forget that every crisis also brings opportunities. Let us focus on the lessons that can be learned from this experience and create a safer crypto world together.
“This is not just a warning; it is an opportunity to come back stronger.”
What are spoof tokens?
Spoof tokens are fake tokens used to manipulate the price calculations of an asset, giving hackers the ability to steal valuable assets.
How is Cetus Protocol responding to the hack?
Cetus has temporarily paused its smart contracts and is investigating the incident to limit further damage.
What could be the role of stablecoin issuers in future incidents?
Stablecoin issuers must take faster action when there are signs of hacks or manipulations to protect digital assets.
Bitcoin (BTC)
Ethereum (ETH)
XRP (XRP)
