Cetus, a prominent decentralized exchange (DEX) on the Sui network, is suspected of suffering a major exploit that may have resulted in the loss of more than $200 million in digital assets. Despite the severity of the incident, the Cetus team has so far described it as a “bug,” raising concerns about transparency.
Data from Cetus pools indicates that the DEX processed approximately $2.9 billion in transaction volume in a single day an astonishing 89% surge from $320 million just one day prior. This spike, paired with massive token devaluations, has fueled speculation of a coordinated exploit.
Some of the hardest-hit tokens include Lombard Staked BTC (LBTC) and AXOLcoin (AXOL), both of which saw catastrophic price drops. While LBTC has since shown a modest 4% recovery on external platforms like CoinMarketCap, AXOL appears to have lost nearly 99.5% of its value. The wallet address allegedly tied to the exploit is reportedly holding substantial amounts of digital assets.
Smart contract paused amid investigation
Cetus confirmed the detection of an incident via its official X profile and announced the temporary suspension of its smart contract for safety reasons. The team added that an internal investigation is underway, though no detailed public explanation has yet been provided.
However, several blockchain analytics firms remain skeptical of the project’s initial explanation. AMLBot, a blockchain compliance platform, told Cointelegraph that roughly $212 million was observed being bridged to Ethereum at a pace of $1 million per minute raising red flags.
“A level of urgency like that suggests there may be more to the story than a simple bug,” a spokesperson for AMLBot said, referencing statements from Cetus team members on Discord.
Onchain Lens, a blockchain analytics service, also weighed in. In a post on X, the platform claimed that the alleged attacker had gained control over all SUI-denominated pools on Cetus and had begun exploiting additional assets, including USDC.
The rapid fund transfers, conflicting narratives, and sharp token devaluations have led many in the Web3 community to question whether the incident is a case of technical failure—or a more severe security breach.
