Cetus, a decentralized exchange running on the Sui blockchain, has published a detailed report on the attack against its concentrated liquidity market maker (CLMM) pools on May 22nd. The attacker exploited a previously undisclosed vulnerability in an open-source library used by the Cetus contracts. The flaw lay in a calculation function that did not check its result for overflow: the attacker manipulated pool prices, deposited a tiny amount of tokens and was credited with a vastly inflated liquidity position, then repeatedly withdrew real assets against that position. Cetus responded by freezing two Sui wallet addresses that held the majority of the stolen assets, a measure that required the cooperation of a large number of Sui validators. The remaining stolen assets were swapped and bridged to the Ethereum mainnet, out of reach of the freeze.
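The pattern the report describes, a calculation function whose overflow goes unchecked so that a huge liquidity position costs almost nothing, is easiest to see in a toy fixed-point calculation. The example below is added here for illustration; it is not Cetus's code, not the vulnerable library, and not the disclosed bug. Sui contracts are written in Move, but the integer semantics are the same in Rust, which is used here. Everything in it is assumed: square-root prices are Q64.64 fixed point, and the token amount owed for adding `liquidity` over a price interval is `liquidity * sqrt_price_delta` scaled down by 2^64. The function names `amount_for_liquidity_unchecked`, `amount_for_liquidity_checked`, `mul_shr_64` and `exploit_scenario` are hypothetical.

```rust
// Added illustration (not Cetus's code): how an unchecked fixed-point
// multiplication lets a caller obtain a huge liquidity position for a
// tiny token deposit, and a full-width alternative that refuses to wrap.
//
// Assumptions (hypothetical, not taken from the Cetus report):
//   * square-root prices are Q64.64 fixed point (64 fractional bits),
//   * the token amount owed for adding `liquidity` over a price interval
//     is liquidity * sqrt_price_delta, scaled back down by 2^64.

const FRAC_BITS: u32 = 64;

/// Vulnerable variant: `wrapping_mul` silently discards the high 128 bits
/// of the product, so for a large `liquidity` the computed deposit collapses
/// to a small number even though the position credited is enormous.
pub fn amount_for_liquidity_unchecked(liquidity: u128, sqrt_price_delta: u128) -> u128 {
    liquidity.wrapping_mul(sqrt_price_delta) >> FRAC_BITS
}

/// Hardened variant: compute the full 256-bit product from 64-bit limbs,
/// shift it down by 64, and return None if the result does not fit in u128.
pub fn amount_for_liquidity_checked(liquidity: u128, sqrt_price_delta: u128) -> Option<u128> {
    mul_shr_64(liquidity, sqrt_price_delta)
}

/// (a * b) >> 64 without losing high bits; None if the result overflows u128.
fn mul_shr_64(a: u128, b: u128) -> Option<u128> {
    let mask = (1u128 << 64) - 1;
    let (a_hi, a_lo) = (a >> 64, a & mask);
    let (b_hi, b_lo) = (b >> 64, b & mask);
    // Each limb product is at most (2^64 - 1)^2 < 2^128, so it cannot wrap.
    let hi = a_hi * b_hi; // contributes hi << 64 to the shifted product
    let mid = (a_hi * b_lo).checked_add(a_lo * b_hi)?;
    let lo = (a_lo * b_lo) >> 64;
    // hi << 64 only fits in u128 when hi < 2^64.
    if hi > mask {
        return None;
    }
    (hi << 64).checked_add(mid)?.checked_add(lo)
}

/// Exploit-style input: returns (liquidity requested, deposit charged by the
/// unchecked math, deposit charged by the checked math).
pub fn exploit_scenario() -> (u128, u128, Option<u128>) {
    let liquidity = (1u128 << 64) + 1; // absurdly large position
    let sqrt_price_delta = 1u128 << FRAC_BITS; // 1.0 in Q64.64
    (
        liquidity,
        amount_for_liquidity_unchecked(liquidity, sqrt_price_delta),
        amount_for_liquidity_checked(liquidity, sqrt_price_delta),
    )
}

fn main() {
    let (liquidity, cheap, fair) = exploit_scenario();
    println!(
        "liquidity {}: unchecked math charges {} token unit(s), checked math charges {:?}",
        liquidity, cheap, fair
    );
    // A routine deposit is priced identically by both variants.
    println!(
        "liquidity 1000000 at delta 0.5: unchecked {} / checked {:?}",
        amount_for_liquidity_unchecked(1_000_000, 1u128 << 63),
        amount_for_liquidity_checked(1_000_000, 1u128 << 63)
    );
}
```

For ordinary inputs the two variants agree, which is why such a bug survives testing. For the exploit-style input the unchecked variant charges a single token unit for a position of 2^64 + 1 liquidity, while the checked variant charges the true 2^64 + 1 units; when the true result exceeds u128 entirely it returns None, which a contract should treat as an abort rather than a cheap deposit.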
To address the incident, Cetus is working with the Sui security team and several auditing firms on a joint audit of its contracts before CLMM services resume. It also plans to expand on-chain monitoring, commission further audits, and publish security reports on a regular basis. Cetus is working with ecosystem partners on a recovery plan for affected liquidity providers and is asking Sui validators to support an on-chain vote that would speed the return of the frozen assets. Legal proceedings are under way in parallel, and Cetus has offered the attacker a white-hat settlement in exchange for returning the funds. Further updates will be given to the community as the situation develops.