Vulnerability cyber

Cetus Protocol

May 25, 2025 1 min read
Cetus Protocol

Cetus Protocol, a decentralized exchange (DEX) and liquidity protocol operating on the Sui and Aptos blockchains, reported a hack that resulted in the theft of $223 million in cryptocurrency. The attacker exploited a vulnerability in the automated market maker (AMM) logic, potentially involving pool price manipulation and flash loan-style attacks. The project paused its smart contract for investigations and successfully paused $162 million of the compromised funds. Cetus Protocol identified the attacker's Ethereum wallet address and is working with third parties to trace and freeze funds. They offered the hacker a deal to stop legal action if the funds are returned and announced a $5 million bounty for information leading to the attacker's identification and arrest.

Source: https://www.bleepingcomputer.com/news/security/hacker-steals-223-million-in-cetus-protocol-cryptocurrency-heist/

TPRM report: https://scoringcyber.rankiteo.com/company/cetus-global

"id": "cet326052525",
"linkid": "cetus-global",
"type": "Vulnerability",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 'Over 15 million accounts',
                        'industry': 'Financial Services',
                        'name': 'Cetus Protocol',
                        'type': 'Decentralized Exchange (DEX)'}],
 'attack_vector': 'Exploit of a vulnerable package',
 'date_detected': 'Yesterday',
 'date_publicly_disclosed': 'Yesterday',
 'description': 'Hackers stole $223 million in cryptocurrency from the '
                'decentralized exchange Cetus Protocol. The project is '
                'offering a deal to stop legal action if the funds are '
                'returned and a $5 million bounty for information leading to '
                'the attacker’s identification and arrest.',
 'impact': {'brand_reputation_impact': 'Significant',
            'financial_loss': '$223 million',
            'systems_affected': 'Sui and Aptos blockchains'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'corrective_actions': 'Fixed the related package',
                            'root_causes': 'Exploit of a vulnerable package'},
 'references': [{'source': 'Elliptic'}],
 'response': {'communication_strategy': 'Public announcements and updates',
              'containment_measures': 'Paused smart contract, identified '
                                      'attacker’s wallet, traced funds',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'remediation_measures': 'Fixed the related package, offered '
                                      'whitehat settlement, announced bounty',
              'third_party_assistance': 'Yes'},
 'threat_actor': 'Unknown',
 'title': 'Cetus Protocol Hack',
 'type': 'Cryptocurrency Theft',
 'vulnerability_exploited': 'Flaw in the automated market maker (AMM) logic'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Jenkins

public 1 min read
A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The…
Jeremy C Jeremy C
Vulnerability cyber

Fortinet

public 1 min read
A critical zero-day vulnerability affecting multiple Fortinet products has been actively exploited. The vulnerability, tracked as CVE-2025-32756, enables unauthenticated remote…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.