HIGH RISK

Cetus Protocol Exploited For $223M Via Overflow Bug On Sui

A single math library bug let an attacker drain $223M from Sui's largest DEX. Validators froze $162M, but $60M was bridged to Ethereum before anyone could act.

Our Analysis

On May 22, 2025, Cetus Protocol — the largest decentralized exchange on the Sui blockchain — suffered a devastating exploit that drained approximately $223 million from its liquidity pools. The attacker leveraged a critical overflow vulnerability in a shared math library to mint enormous liquidity positions with negligible capital, then systematically withdrew real assets across multiple pools. The incident represents one of the largest DeFi exploits of 2025 and exposed systemic risk in Sui's DeFi ecosystem.

The root cause was a faulty overflow check in the checked_shlw function within the integer-mate u256 math library. The function was designed to validate a value before scaling it with a 64-bit left shift (<< 64), but it compared the value against an incorrect threshold, using 0xFFFFFFFFFFFFFFFF << 192 instead of the correct 0x1 << 192. Any value at or above 2^192 loses its high bits when shifted left by 64, so the flawed threshold left a gap in which overflow-causing values passed validation and the shift silently truncated them, corrupting downstream liquidity calculations.

The attacker exploited this by deploying spoof tokens (named BULLA and MOJO), adding just one token unit of liquidity in extremely narrow tick ranges (e.g., [300000, 300200]), and calling add_liquidity to trigger the vulnerable math path. The corrupted intermediate values caused the protocol to undercharge the required deposit while crediting a massively inflated liquidity amount. The attacker wallet (0xe28b50cef1d633ea43d3296a3f6b67ff0312a5f1a99f0af753c85bb85de8ff06 on Sui) executed the exploit using flash-swapped liquidity, then called remove_liquidity to withdraw real reserves against the inflated accounting. Approximately $60 million was rapidly bridged to Ethereum via Wormhole and CCTP, landing in wallet 0x89012a55cd6b88e407c9d4ae9b3425f55924919b, with a further $53 million moved to 0x0251536bfcf144b88e1afa8fe60184ffdb4caf16.
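To make the threshold error concrete, the following is an added Python model of the checked_shlw check described above. It is not the project's Move code or integer-mate's implementation: u256 arithmetic is emulated with a 256-bit mask, the exact comparison operators are an assumption, and required_deposit is a constructed, simplified stand-in for the downstream deposit calculation rather than Cetus's actual formula.

```python
# Added example: a Python model of the checked_shlw overflow check described
# above. This is NOT the project's Move code or integer-mate's implementation;
# u256 arithmetic is emulated by masking to 256 bits, which mirrors how a Move
# u256 left shift silently discards bits pushed past position 255.
from typing import Callable, Optional, Tuple

U256_MASK = (1 << 256) - 1

# Threshold the write-up identifies as flawed: 0xFFFFFFFFFFFFFFFF << 192.
BUGGY_LIMIT = 0xFFFFFFFFFFFFFFFF << 192
# Threshold it identifies as correct: 0x1 << 192. Any n at or above it has a
# set bit at position >= 192, which n << 64 would push beyond bit 255.
CORRECT_LIMIT = 0x1 << 192

ShlwCheck = Callable[[int], Tuple[int, bool]]


def shl64_u256(n: int) -> int:
    """Emulate a u256 `n << 64`: high bits that no longer fit are lost."""
    return (n << 64) & U256_MASK


def checked_shlw_buggy(n: int) -> Tuple[int, bool]:
    """Flawed check: rejects only n above 0xFFFF...FFFF << 192.

    The comparison operator is an assumption of this model; what matters is the
    gap between 2^192 and the mask, where overflowing inputs are accepted.
    Returns (shifted_value, overflow_flag).
    """
    if n > BUGGY_LIMIT:
        return 0, True
    return shl64_u256(n), False


def checked_shlw_fixed(n: int) -> Tuple[int, bool]:
    """Corrected check: reject every n >= 2^192, since n << 64 cannot fit in 256 bits."""
    if n >= CORRECT_LIMIT:
        return 0, True
    return shl64_u256(n), False


def silently_truncated(n: int) -> bool:
    """True when the flawed check returns a wrong value without raising the overflow flag."""
    result, overflow = checked_shlw_buggy(n)
    return not overflow and result != (n << 64)


def required_deposit(liquidity: int, price_term: int, check: ShlwCheck) -> Optional[int]:
    """Constructed, simplified stand-in for a deposit calculation (not Cetus's
    real formula): scale liquidity by 2^64 via the given checked_shlw, then
    divide by a price-range term, rounding up. Returns None if the check
    reports overflow. With the flawed check a truncated numerator yields a
    near-zero deposit for an enormous liquidity figure."""
    scaled, overflow = check(liquidity)
    if overflow:
        return None
    return -(-scaled // price_term)  # ceiling division on non-negative ints


if __name__ == "__main__":
    huge = 1 << 200    # constructed input: between 2^192 and the flawed mask
    normal = 1 << 100  # constructed input: well within range
    print("buggy :", checked_shlw_buggy(huge))   # (0, False): truncated, no flag
    print("fixed :", checked_shlw_fixed(huge))   # (0, True): overflow reported
    print("truncated silently:", silently_truncated(huge))
    print("deposit, huge liquidity, buggy check :", required_deposit(huge, 1 << 32, checked_shlw_buggy))
    print("deposit, huge liquidity, fixed check :", required_deposit(huge, 1 << 32, checked_shlw_fixed))
    print("deposit, normal liquidity, fixed check:", required_deposit(normal, 1 << 32, checked_shlw_fixed))
```

The silently_truncated property is the kind of check worth running against any fixed-point dependency before relying on it: feed the boundary values 2^192 - 1 and 2^192 plus a few inputs between 2^192 and the mask, and confirm the overflow flag is set whenever the shifted result differs from the mathematically exact one.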
The remaining $162 million was frozen on-chain after Sui validators took emergency governance action, blocking attacker-controlled addresses through a coordinated validator response. The validator-led intervention proved controversial: a community vote achieved 90.9% validator stake approval to freeze and reclaim the stolen funds — an unprecedented move that raised questions about decentralization and censorship resistance on the network.

Cetus paused all affected smart contracts immediately after detection. The Sui Foundation committed a loan to backstop losses, and Cetus pledged its treasury toward full user restitution. Related exposure was identified in other Sui protocols using the same integer-mate library, including Kriya, Momentum, and Bluefin.

Crypto users should note that this exploit targeted a shared infrastructure library rather than a protocol-specific contract, meaning the vulnerability had systemic reach. Before providing liquidity on any DeFi protocol, users should verify whether the underlying math libraries have been independently audited and whether the protocol has undergone recent security reviews. The Cetus incident underscores the importance of dependency auditing in DeFi — a single flawed function in a shared library can cascade across an entire ecosystem. Users can check Sui contract verification status and transaction history on suivision.xyz.
RugPull News, May 22, 2025

Rug Pull Score

7.8/10
Based on our analysis

🚩 Red Flags Identified

  1. Critical overflow bug in checked_shlw function allowed silent value truncation during shift-left operations
  2. Attacker drained $223M across multiple Sui liquidity pools in a single coordinated attack
  3. Approximately $60M was bridged to Ethereum via Wormhole and CCTP before containment
  4. Vulnerability existed in a shared math library (integer-mate) used by multiple Sui DeFi protocols
  5. Attacker wallet 0xe28b50...ff06 deployed spoof tokens to manipulate liquidity calculations
Disclaimer: This analysis is for informational purposes only and should not be considered financial advice. Always conduct your own research before making investment decisions.