
    Experts Explain How Hackers Broke Into Cetus

    A critical bit-shift vulnerability in Cetus’ liquidity calculations allowed attackers to exploit flash loans and manipulate the protocol
    By Newton Kitonga, May 26, 2025

    TLDR:

    • A flaw in Cetus’ smart contract logic let attackers drain over $200M with minimal capital.
    • The bug involved a miscalculated bit-shift operation in liquidity math.
    • Attackers used flash swaps and fake liquidity to extract tokens.
    • Validators froze most of the stolen funds, but the freeze raised decentralization concerns.

    Following the devastating attack on Sui-based decentralized exchange Cetus, blockchain security firm Dedaub has revealed what really went on behind one of the most catastrophic DeFi exploits in recent memory.

    The incident, which occurred on May 22, 2025, resulted in the loss of more than $200 million, shaking the crypto community and users across the Sui ecosystem.

    A Tiny Bug With a Massive Price Tag

    According to the report, the breach was rooted in a seemingly small but fatal flaw in the automated market maker (AMM) logic within Cetus. Hackers manipulated a “liquidity” parameter during this process, which allowed them to mislead the system about how much liquidity was actually being provided. This manipulation triggered a silent overflow in a critical calculation, letting the attacker inject massive liquidity into the pool while only supplying a single token unit.

    Notably, the technical flaw allowed the malicious transaction to pass through without any immediate red flags, ultimately enabling the attacker to create extraordinarily large positions with a negligible amount of capital and then drain the pools before repaying a flash loan used to initiate the process.

    Where the Code Failed

    Dedaub pinpointed the root of the problem in a function designed to calculate the amount of token A required for a given liquidity amount. This function performed a left shift operation on large numerical values, specifically a 256-bit integer, but the logic intended to detect overflow in this shift was incorrectly implemented. As a result, when the function encountered values that exceeded the intended threshold, it failed to trigger an error or abort the operation.

     “Due to the overflow, the numerator wraps around to a very small value,” the firm noted.

    In practice, this meant the attacker could game the system into calculating that almost no tokens were required for enormous returns. The flaw went unnoticed during multiple audits, in part because the problematic operation occurred in a library that may have been out of scope, and also because the overflow did not trigger a runtime error in Move.
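The failure mode described above, as an added Python illustration (not code from Cetus or from Dedaub's report): a guarded left shift on a 256-bit word whose overflow check uses the wrong threshold, next to a corrected guard. The 64-bit shift width, both threshold constants, and all function names are assumptions made for this sketch.

```python
# Added illustration; constants and names are assumptions, not the Cetus source.
U256_MAX = (1 << 256) - 1
SHIFT = 64  # assumed shift width


class Overflow(Exception):
    """Raised when the shift would lose high bits."""


def shl_wrapping(n):
    # A fixed-width shift silently drops every bit above bit 255.
    return (n << SHIFT) & U256_MAX


def checked_shl_flawed(n):
    # Flawed guard: the threshold is far too high, so inputs whose top
    # bits will be shifted out are still accepted.
    threshold = 0xFFFFFFFFFFFFFFFF << 192  # assumed wrong constant
    if n > threshold:
        raise Overflow
    return shl_wrapping(n)


def checked_shl_fixed(n):
    # Correct guard: n << 64 fits in 256 bits only when n < 2**192.
    if n >= 1 << (256 - SHIFT):
        raise Overflow
    return shl_wrapping(n)


def tokens_required(shift_fn, liquidity_term, denominator):
    # Ceiling division of the shifted numerator, standing in for the
    # "amount of token A for this liquidity" calculation.
    return -(-shift_fn(liquidity_term) // denominator)


def rejects(shift_fn, n):
    # True when the guard aborts instead of returning a wrapped value.
    try:
        shift_fn(n)
    except Overflow:
        return True
    return False


# Constructed input just above the true overflow boundary.
SAMPLE = (1 << 192) + 1
```

With the flawed guard, `tokens_required(checked_shl_flawed, SAMPLE, 1 << 64)` returns 1 because the numerator wraps to `2**64`; the fixed guard aborts on the same input, which is the boundary case a unit test for such a helper should pin down.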

    “Flash Loan Attack”

    The attackers executed their plan in multiple transactions. They began by borrowing a large amount of tokens through a flash swap, then created a new liquidity position with parameters specifically chosen to exploit the overflow. With just one token deposited, the protocol credited them with an impossibly large liquidity position. They quickly removed this fake liquidity across several transactions, draining the pool, before repaying the borrowed tokens and walking away with millions in profit.

    The attack was fast and surgical. Each step was carefully crafted to avoid detection and minimize the window for intervention. What made the exploit particularly devastating was the attacker’s ability to simulate high-volume liquidity injection, bypassing any limits or checks that might have caught a more straightforward manipulation.

    Centralization Fears

    The attack has ignited a broader debate in the DeFi community. While many praised the fast action of validators and Sui network partners, who froze $163 million of the stolen $223 million, others criticized the move as a centralizing overreach. One user on X accused the validators of “turning the network into a centralized database” by censoring transactions and interfering with on-chain activity.

    Cetus, in response to the breach, has offered the attacker a $6 million bounty for the return of over 20,000 ETH, promising anonymity and a hands-off approach from law enforcement should the offer be accepted.

     

    Feedbaac™ Copyright © 2015 - 2025 Kooc Media Ltd. All rights reserved. Registered Company No.05695741