The Sui Hack 2025 revealed exploits in one of the most trusted DeFi protocols on the Sui blockchain, Cetus Protocol. As of May 22, 2025, Cetus Protocol was suffering a complex exploit that hacked $223 million from it. This event triggered one of the most solid responses at the blockchain level in recent DeFi history
Timeline of the Exploit and Attack Mechanics
On May 22, 2025, a single enemy hacked into Cetus Protocol’s Concentrated Liquidity Market Maker (CLMM) pools and used unchecked arithmetic over multiple ranges to exploit SUI, CETUS, and USDT. This attack covered from 2:40 AM to 3:10 AM UTC and included nine transactions of hacking.
All tokens, such as SUI, USDT, and CETUS, were set in various pools, and the relished liquidity values were artificially increasing, allowing the evasive draining of the pools. Cetus, during this, suffered an asset withdrawal worth $223 million.
In rapid response, the Sui validators froze two wallets containing 162 with assets, leaving the attacker 61 million left under lesser conditions. The swift capital was soon bridged to Ethereum and converted into ETH.
Sui Validators Take Action After the Hack
The swift reaction to the Sui Hack 2025 was pivotal in reducing long-term damage. Within 60 minutes, Sui’s core validators collaborated with Cetus and the Sui Foundation to disable vulnerable smart contracts.
On May 23, they enacted a temporary protocol-level freeze on the hacker’s wallet addresses. This was the first time validators on the Sui blockchain voted in favor of freezing compromised addresses for user protection.
Despite the freeze, approximately $61 million had already been funneled through Wormhole and LayerZero bridges into Ethereum-based wallets.
Community Governance Vote and Fund Recovery
On May 25, the Cetus team asked the community to vote on what to do with the frozen funds. A total of 1,200 active stakers joined the vote. Out of them, 92.4% supported moving the money to a new wallet controlled by trusted members.
This special wallet uses a multisignature setup. It needs at least three out of five trusted signers to approve any action. The signers include Cetus, the Sui Foundation, OtterSec, and two respected members chosen by the community. Each one passed ID checks and agreed to strict legal terms.
By May 28, $160.2 million was safely moved into the wallet. This action gave Cetus a legal and technical path to begin returning funds. It also showed that the network could work together fast after the Sui Hack 2025, using real-time voting to make big decisions.
User Compensation and Security Strengthening
Just two days later, on May 30, 2025, Cetus shared its full plan to repay all affected users. The goal was simple—every user would get back what they lost.
Here’s how the funds were arranged:
- $40 million came from Cetus’ reserve fund.
- $50 million was loaned by the Sui Foundation. This loan has no interest and gives Cetus two years to pay it back.
- The rest of the $70.2 million will be sent from the funds recovered in the trusted wallet.
Payments will be rolled out in stages, starting in June 2025. Each user’s balance will be verified using a secure proof system, so payouts are fair and accurate.
Alongside this, the Sui Foundation launched a $10 million safety upgrade. This includes smarter contract tools, faster alerts if something goes wrong, and a new bug bounty program. If someone finds a serious issue, they could earn up to $500,000.
To keep things safer long-term, all apps on the Sui network must now go through regular audits. The goal is to stop problems before they happen and make the whole ecosystem more secure after the lessons from the Sui Hack 2025.
Long-Term Impact of the Sui Hack 2025
The Sui Hack 2025 not only triggered technical reforms but also initiated social and governance innovations. Other DEXs on Sui—such as DeepBook and Aftermath—have since implemented overflow-protected math libraries and enhanced audit pipelines.
This incident remains the second-largest DeFi exploit of the year, behind LayerBank’s $320M breach in March. It underscored the importance of rapid validator coordination, user-first governance, and proactive security layers.
As of June 1, 2025, the Sui ecosystem is preparing new safety measures, including:
Pre-deployment simulation environments.
Contract-level kill switches are controlled via multisig wallets.
Community-first governance for emergency protocols.
Conclusion:
The Sui Hack 2025 will be remembered not only for its scale but for the effective recovery it spurred. Through transparent community governance, validator consensus, and a focus on user protection, the Sui network turned a crisis into a blueprint for future DeFi resilience.