$162M Frozen After Cetus Hack: Inside the Exploit and the Community Fallout

Blockchain security firm Dedaub has released a detailed technical report on the exploit that targeted the decentralized exchange Cetus. According to the findings, attackers exploited a flaw in the protocol’s liquidity logic, specifically a bug in validating AMM parameters’ most significant bits (MSB). The vulnerability allowed the attackers to drain over $200 million within hours.

In response, validators on the Sui network, working with ecosystem partners, froze $162 million of the stolen assets, mitigating the net loss for users. However, the action sparked a divided response from the crypto community. While some praised the intervention as a necessary safeguard, others criticized it for taking a centralized approach to censoring transactions.

Related: Cetus DEX on Sui Network Exploited — Over $260M Lost, CETUS Token Drops 50%

Dedaub Report

The exploit bypassed standard overflow checkers due to flaws in validating the most significant bits (MSB) in liquidity parameters. This vulnerability allowed attackers to manipulate values and amplify liquidity positions by orders of magnitude with just one unit of token input. 

This allowed them to add massive liquidity positions with just one unit of token input, subsequently draining pools collectively containing hundreds of millions of dollars worth of tokens,

the researchers wrote.

Dedaub’s analysis calls for more rigorous validation of automated market maker (AMM) parameters and the implementation of additional overflow protection within smart contracts. The vulnerability, they noted, stemmed from fundamental arithmetic logic and could have been prevented by slightly expanding verification algorithms. Their findings underscore the growing importance of security in the Web3 space and the critical need for proactive safeguards.

More on the topic: The Importance of Smart Contract Audits for Crypto Projects

Asset Freeze and Community Reaction

On May 24, Sui validators froze $162 million in stolen assets, pledging to coordinate with the broader ecosystem on a potential recovery plan. However, the move drew criticism from decentralization advocates.

Sui validators are actively censoring transactions across the blockchain,

one user wrote on X, arguing that such actions undermine the principles of decentralization.

It’s interesting how many Web3 projects backed by VCs lean heavily on centralization, despite borrowing Bitcoin’s ethos,

noted Steve Bowyer in a separate post.

Despite the backlash, much of the community supported the need for swift action to minimize losses.

Related: Hacken CEO Calls Out Crypto Sector’s Security Complacency

Cetus Community Update

In a recent update, the Cetus team clarified that the frozen funds are split into two segments: 

1. Assets within the Sui network
2. Assets bridged out of the ecosystem (mainly held in ETH) 

To facilitate recovery, the team proposed two possible approaches: 

1. An onchain vote among Sui validators
2. An ultimatum to the attacker: a whitehat agreement or legal action

Cetus also reported that its core operational services have been restored, including swap aggregation through partners like Phantom and Binance Alpha. Liquidity pools that were not affected by the exploit will be gradually reactivated once data is fully restored.

Additionally, Cetus pledged to provide a detailed compensation and asset recovery plan soon. The team called for community patience and reaffirmed its commitment to maximizing user reimbursement.

Related: April 2025 Crypto Hacks Hit $92.5M as Ethereum and Base Face Growing Threats