Author: 0xFacai

Source: BlockBeats

Original Title: Top DEX Hacked for $260 Million, Can Sui Ecosystem Maintain Its Momentum?

On the afternoon of May 22, the top DEX liquidity protocol Cetus Protocol on the Sui chain experienced a significant drop in its CETUS token price, with a near-total collapse. Multiple token trading pairs on Cetus also saw sharp declines. Subsequently, many KOLs posted on X, indicating that Cetus protocol's LP pools were attacked by hackers.

On-chain monitoring shows that the Cetus attacker seemingly controlled all SUI-denominated LP pools, with the stolen amount exceeding $260 million at the time of writing. Currently, the hacker has begun converting funds to USDC and cross-chaining to the Ethereum mainnet to exchange for ETH, with approximately 60 million USDC already transferred.

The hacker's on-chain address is: 0xe28b50cef1d633ea43d3296a3f6b67ff0312a5f1a99f0af753c85b8b5de8ff06. The address currently holds primarily SUI and USDT, but also includes mainstream Sui ecosystem tokens such as CETUS, WAL, and DEEP, indicating the extensive scope of this hack.

The Cetus team has not yet provided a clear response, but a team member in the project's Discord chat stated that the Cetus protocol was not stolen, but experienced an "oracle bug". Sui officially stated that they will actively support the Cetus team in conducting a continuous investigation and provide further updates as soon as possible.

On-chain data doesn't lie. According to statistics, Cetus protocol's LP pools have lost over $260 million in this incident, exceeding the protocol's TVL ($240 million) and market cap ($180 million). At the time of writing, CETUS price had dropped from $0.25 in the afternoon to $0.17, with the project's future looking uncertain.

Community Opinion Points to Team's "Previous Theft Record"

Interestingly, as Cetus triggered a crash in the Sui ecosystem, many community members on Twitter pointed out that Cetus was developed by the same team behind Crema Finance, a Solana ecosystem DeFi protocol that had previously experienced a theft.

On July 3, 2022, Crema Finance was similarly attacked by hackers using a Solend flash loan, draining the LP funds pool and causing losses of over $8 million. On July 7, the hacker returned stolen crypto worth $7.6 million after negotiations with the team. According to the negotiation agreement, the hacker was allowed to keep 45,455 SOL ($1.65 million) as a bounty.

Currently, there is no public information confirming that Crema and Cetus were developed by the same team, but the reasons for their thefts appear to be consistent.

With Over 60% Market Share, Can Sui Ecosystem Recover?

According to defillama data, Cetus was previously the top DEX in the Sui ecosystem, with trading volume accounting for over 60% of the entire ecosystem. This "liquidation-style" attack undoubtedly directly destroyed the ecosystem's liquidity center, which would be a devastating blow for any "second-tier public chain".

Since March last year, the Sui ecosystem's on-chain trading volume has been generally trending upward, with ecosystem mainstream tokens like CETUS, DEEP, and WAL rising rapidly, widely viewed by the community as the most potentially profitable public chain in this cycle and the "next Solana".

Interestingly, according to dune analytics, the Sui chain has long had a large number of wash trades, with ecosystem liquidity toxicity consistently near 50%, which partly explains the community's feedback that "there's nothing, just prices keep rising".

Image explanation: The circle radius shows the total trading volume of a single address, with the highest-volume wallet also having high trading frequency, suggesting possible wash trading; data source: dune analytics

According to CoinGecko data, SUI and other mainstream ecosystem tokens like DEEP and WAL have declined due to this incident but seem to have shown signs of stabilization.

However, Sui's "strong foundation" persona has long been established in traders' minds. In the past month's altcoin recovery market, Sui has been the most eye-catching among mainstream public chains. Facing this major ecosystem theft, can the foundation provide an effective response and further reinforce its "strong foundation" persona?