The decentralized exchange Cetus Protocol has successfully reinstated full operations following a significant security breach that resulted in an estimated $223 million loss. This return to functionality, 17 days after the incident, marks a crucial step in the platform’s recovery efforts, which have seen a substantial portion of the compromised funds recovered and liquidity pools largely restored.
Incident Details and Initial Response
The exploit, which occurred on May 22, 2025, targeted an integer overflow vulnerability within a specific library function, enabling the perpetrator to illicitly convert a single token into what appeared to be millions of dollars. This event rapidly escalated to become the largest attack on a DeFi protocol recorded that month. Fortunately, the swift action of Sui network validators was instrumental in freezing and subsequently recovering $162 million of the stolen assets, mitigating a significant portion of the initial damage. Only liquidity pools on the Sui blockchain were affected, with the Aptos ecosystem remaining secure.
Recovery and Compensation Efforts
To further support the platform’s restoration, the Sui Foundation contributed an additional $30 million, supplemented by $7 million from Cetus’s own reserves. Developers have confirmed that the affected liquidity pools are now restored to between 85% and 99% of their pre-incident levels. The remaining deficit will be compensated to affected users through CETUS tokens, distributed linearly over the course of one year.
Hacker’s Actions and Future Measures
Despite an offer for the return of funds, the attacker proceeded to transfer a portion of the illicitly gained assets to EVM networks and initiated money laundering activities via the Tornado Cash mixer. Cetus Protocol has stated that the hacker’s actions are now under surveillance. In response to the breach, the Cetus team plans to implement enhanced security protocols, including a comprehensive re-audit of their systems, improved monitoring mechanisms, and the launch of a new bug bounty program. They also intend to revise their product strategy. Following the incident, the CETUS token experienced a 44% decline in value, currently trading at approximately $0.114 according to TradingView data. Cetus Protocol had previously announced a $5 million reward for information leading to the identification of the perpetrator.
Former Wall Street analyst turned crypto journalist, Marcus brings a decade of expertise in trading strategies, risk management, and quantitative research. He writes clear, actionable guides on technical indicators, portfolio diversification, and emerging DeFi projects.