PANews reported on September 11th that Nemo, a DeFi protocol on Sui, released an incident report stating that security vulnerabilities in the flash_loan and get_sy_amount_in_for_exact_py_out functions of the contract were exploited by attackers, resulting in a loss of approximately $2.59 million in assets. The attack stemmed from developers launching new features without sufficient audits and failing to promptly address known risks. The majority of funds were transferred to Ethereum via a cross-chain bridge. The protocol's core functionality has been frozen, and patches for the vulnerabilities have been submitted for emergency audit. The team is developing a user compensation and asset tracking plan.
