Sui Cetus Exploit Exposes $223M DeFi Breach, Oracle Risks Surface

The Sui Cetus exploit has become the most critical event to test the resilience of the Sui blockchain to date. On May 22, 2025, Cetus Protocol — the network’s largest decentralized exchange — was hit by an oracle manipulation attack that drained over $223 million in assets. The attacker used spoof tokens to distort price feeds and exploit liquidity pools, exposing key vulnerabilities in Sui’s DeFi architecture.

In an official statement on X, Cetus Protocol confirmed:

"As of earlier today, we have confirmed that an attacker has stolen approximately $223M from Cetus Protocol. We have took immediate action to lock our contract preventing further theft of funds.

$162M of the compromised funds have been successfully paused. We are working with the Sui Foundation and other ecosystem members right now on next-step solutions, with the goal of recovering the remaining stolen funds.

The majority of impacted funds are paused and we are actively pursuing paths to recover the remainder. We have no higher priority and will provide further updates as they become available through this channel."

Contagion Across the Sui DeFi Ecosystem

The repercussions of the Sui Cetus exploit spread quickly across the network:

• Scallop, a lending platform on Sui, suspended borrowing operations to limit exposure.
• Haedal Protocol disabled its vault services as a precautionary step.
• Several smaller dApps relying on Cetus for liquidity also paused operations pending audits.

This breach has reignited conversations around smart contract auditing standards, DeFi interdependence, and real-time incident response measures.

Market Reaction: CETUS Tumbles, SUI Holds Ground

While the native CETUS token dropped over 30%, the SUI token has shown surprising stability, trading in the $3.80–$4.00 range. Market observers believe the measured response is due in part to the quick containment of the incident and the perceived strength of Sui’s broader developer ecosystem.

Nevertheless, sentiment remains cautious, with ongoing monitoring of liquidity shifts and project dependencies across the Sui DeFi landscape.

Support Behind the Scenes Amid the Sui Cetus Exploit

As security teams mobilized to analyze the breach and trace stolen assets, outside voices offered support. Binance founder CZ addressed the situation publicly on X , stating:

“We are doing what we can to help SUI. Not a pleasant situation. Hope everyone stay SAFU!”
— @cz_binance

When asked whether the Cetus team had contacted him, CZ replied:

“I reached out to them, offering help. They are responsive. I didn't want to burden them. I know multiple security teams looking at it.”
His remarks underscore the seriousness of the exploit but also point to a measured, behind-the-scenes support effort from the broader crypto community.

A Defining Moment for Sui's DeFi Future

The Sui Cetus exploit may mark a turning point in the evolution of Sui as a Layer 1 blockchain. As the network faces this stress test, key questions arise:

• Can user trust be rebuilt swiftly and meaningfully?
• Will protocols adopt stricter oracle and smart contract security frameworks?
• And how will the ecosystem learn and evolve from this breach?

The path forward depends on how quickly and effectively developers, auditors, and community leaders respond to this crisis. While the damage is substantial, the response could shape Sui into a more resilient and battle-tested blockchain — or expose cracks that stall momentum.