.png)
6 hours ago
1
ARTICLE AD BOX
- Sui Network is reported to have deployed a whitelist function as part of the preparation to return the frozen stolen money to Liquidity Providers.
- Of the over $220 million reportedly stolen, $63 million is said to have been bridged to the Ethereum network, making it almost impossible to recover it.
Months after we covered a major exploit on the Sui Network that saw hackers steal 6.2 million SUI tokens, Cetus has confirmed another occurrence that has called for a swift response from the SUI technical team.
The Details
On May 22, a decentralized exchange built on the Sui blockchain network, Cetus, was reportedly hacked after threat actors exploited a smart contract code to drain $223 million of users’ funds. Fascinatingly, this occurred a day after CNF highlighted in a post that the network has attracted significant institutional attention.
According to the team behind the Extractor Web3 security notification tool, around $63 million of the stolen funds were bridged to the Ethereum network. Through its effort, a wallet address ending “AF16” was found to have been used to launder 23,000 ETH ($53 million).
Fast-forward, and the Sui Network is reported to have launched a whitelist function and a restore module as part of the preparation process to return the stolen money to the Liquidity Providers. According to the information shared by Wu Blockchain, an upgraded transaction has been added to the whitelist to allow certain pre-approved transactions to happen freely, regardless of their content.
Delving into this, we found that $162 million of the stolen money had been frozen. The remaining amount transferred to Ethereum and other chains through cross-chain bridges is reported to be unrecoverable since they have left the Sui ecosystem.
Soon after the incident, Binance co-founder Changpeng Zhao (CZ) disclosed that they are doing everything in their power to help. At that time, he hinted that he had received a prompt response from the SUI team. He also hinted that many security teams are working around the clock to get to the bottom of this.
Based on the preliminary report, the hacker used fake tokens to manipulate price data and reserve balance. With this, they were able to extract real assets from several liquidity pools, including SUI/USDC. Initially, this was thought to be a bug. However, it was later found to be a hack, forcing the team to pause the smart contract to prevent further losses.
Despite the recovery effort, some SUI community members have raised concerns about the network’s decentralized position. According to one user, the ability of just 114 Validators to freeze wallets undermines the network resistance.
Good news for the victims, but if validators, 114 only in total, can freeze wallets when they want, it raises a major question about the network’s censorship resistance. Sui is anything but decentralized.
Similarly, KookCapitalLLC has highlighted in an X post that the decisive intervention demonstrates that most blockchain platforms, except Bitcoin, have some level of centralized control.
Hacking Occurrences and SUI Price Reaction
Hacking incidents have over the years been witnessed in large quantities with crypto firms becoming the main targets. As detailed in our recent blog post, this has led to a 30% decline in Decentralized Finance’s (DeFi) Total Value Locked from its peak in December 2022. Meanwhile, we also examined in our last update that North Korea’s Lazarus Group hacked software developers to attack Solana and Exodus wallets.
Following this report, the price of SUI declined to $3.6. At press time, the asset had reduced its daily loss to 7%, pushing the price up to $3.8. Also, traders’ interest seems to have returned as the daily trading volume surged by 66%, with $3.4 billion changing hands.
Prior to the hacking incident, VanEck had predicted that SUI could embark on a 350% surge, as highlighted in our previous analysis.
English (US)