The recovery comes after swift coordination between Cetus, the Sui Foundation, and several ecosystem participants. Efforts are actively underway to trace and reclaim the remaining stolen assets.
In the wake of the breach, the Sui Foundation released a public statement highlighting the unified response from network validators:
“A large number of validators identified the addresses holding stolen assets and are currently ignoring all transactions from those wallets. This decision aims to prevent further movement of the illicit funds while investigations and recovery operations continue.”
Cetus Announcing The Hack
Source: X (@CetusProtocol)
The Cetus team, backed by other entities in the Sui network, is exploring all viable paths to recover the stolen crypto and restore it to the rightful owners, the platform’s community.
The breach occurred on May 22nd, 2025, and is believed to have been carried out via a smart contract vulnerability. The attackers exploited flaws in the contract’s logic to siphon a staggering $223 million worth of crypto assets from user wallets.
Extractor, a Web3 cybersecurity monitoring tool, reported that about $63 million of the stolen assets were bridged to the Ethereum (ETH) blockchain, likely to obfuscate the transaction trail and make recovery more difficult.
Security researchers also uncovered an attacker wallet, ending in “AF16”, that was used to launder 20,000 ETH, valued at around $53 million at the time. These funds were reportedly dispersed across various wallets in an attempt to confuse tracking efforts.
The Cetus breach is just the latest in a growing list of major crypto heists this year. The first half of 2025 has already seen several high-profile hacks, putting immense pressure on Web3 projects to rethink their security frameworks.
The Cetus Hacker’s Transfer Of 20,000 ETH To A New Wallet Address
Source: Etherscan
The increasing frequency of such incidents has sparked calls from industry leaders for the sector to self-regulate and invest in more robust security measures. Without proactive reforms, the crypto industry could face heightened scrutiny and potential regulatory interventions from global authorities.
While many celebrated the freezing of stolen assets, not everyone in the crypto community was pleased with the actions taken by Sui validators. Some pointed to the ability of validators to freeze wallets as a violation of decentralization principles.
“Good news for the victims, but if validators, which are only 114 in total, can freeze wallets whenever they choose, it raises a major concern about the network’s censorship resistance. Sui may not be as decentralized as we thought.”
This sentiment echoes broader debates within the crypto community, where security and decentralization are often seen as competing priorities.
With $162 million successfully frozen, Cetus has managed to mitigate a substantial portion of the losses. However, the road to full recovery remains uncertain, especially with a sizable amount of funds having already been moved to other chains.
The Cetus development team has pledged to conduct a full security audit and implement stricter smart contract reviews to prevent future incidents. In parallel, discussions around network governance, validator authority, and decentralization are expected to intensify in the coming weeks.
The Cetus hack highlights the dual-edged nature of decentralization in crypto. On one hand, the rapid and coordinated freeze of funds demonstrates the effectiveness of community-led security responses. On the other hand, it exposes the fragility of trust in systems that claim to be decentralized.
For users, developers, and investors, this incident serves as a sobering reminder that smart contract audits, cross-chain monitoring, and validator transparency are critical pillars for a secure, decentralized future.
Subscribe to stay informed and receive latest updates on the latest happenings in the crypto world!
Content Strategist
Subscribe to stay informed and receive latest updates on the latest happenings in the crypto world!
