Cetus Protocol Exploit: $223M Stolen, BitJeton Urges Users to Revoke Smart Contract Approvals

Inside the $223M Cetus Protocol Exploit
On May 23, 2025, Cetus Protocol, one of the largest decentralized exchanges (DEXs) built on the Sui blockchain, suffered a devastating exploit resulting in the theft of approximately $223 million in digital assets. The breach exploited vulnerabilities in Cetus’s smart contracts tied to its Concentrated Liquidity Market Maker (CLMM), marking one of the most severe DeFi incidents of the year.
At BitJeton, we strongly urge our users and community to revoke any wallet approvals related to Cetus Protocol immediately and to stay updated via official security channels.
What Happened?
The exploit occurred on May 22, 2025, and was executed through a smart contract vulnerability within Cetus's CLMM infrastructure. Attackers leveraged an arithmetic overflow bug in the tick account logic to withdraw more tokens than deposited, targeting pools containing high-volume assets like SUI, USDC, and WETH. Funds were laundered through mixers and bridges across multiple transactions.
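The following is an added illustration of the bug class described above, not Cetus's contract code and not from the original article. The function names and the Q64 pricing formula are hypothetical, and Rust's `u128` stands in for the wider integer types used on-chain. It shows how a silently truncating shift makes a large position look almost free, and how a lossless-shift check rejects it.

```rust
// Added illustration of the bug class only; names and formula are hypothetical.
const FRAC_BITS: u32 = 64; // Q64 fixed-point scale

/// Vulnerable shape: `<<` keeps only the low 128 bits, so high bits of
/// `liquidity` vanish without any error and the amount owed collapses.
fn tokens_owed_unchecked(liquidity: u128, price_q64: u128) -> Option<u128> {
    if price_q64 == 0 {
        return None;
    }
    Some((liquidity << FRAC_BITS) / price_q64)
}

/// Shift that refuses to drop set bits. Note that the standard library's
/// `checked_shl` does not do this: it only rejects shift counts >= 128.
fn shl_lossless(value: u128, bits: u32) -> Option<u128> {
    if bits >= u128::BITS || value.leading_zeros() < bits {
        return None;
    }
    Some(value << bits)
}

/// Hardened shape: abort the operation instead of pricing a wrapped value.
fn tokens_owed_checked(liquidity: u128, price_q64: u128) -> Option<u128> {
    if price_q64 == 0 {
        return None;
    }
    Some(shl_lossless(liquidity, FRAC_BITS)? / price_q64)
}

fn main() {
    let price = 1u128 << FRAC_BITS; // constructed: price of 1.0 in Q64
    let huge = (1u128 << 64) + 5;   // constructed: top bit is lost by `<< 64`
    println!("normal  unchecked={:?} checked={:?}",
        tokens_owed_unchecked(1_000, price), tokens_owed_checked(1_000, price));
    println!("huge    unchecked={:?} checked={:?}",
        tokens_owed_unchecked(huge, price), tokens_owed_checked(huge, price));
}
```

For auditors, the takeaway is that a helper named "checked" is only as good as the condition it tests, so overflow guards in fixed-point math deserve boundary-value tests of their own.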
Response from Cetus Protocol
The Cetus team paused the affected contracts and collaborated with the Sui Foundation and blockchain security firms. A $6 million white-hat bounty has been offered for the safe return of funds. Approximately $162 million of the stolen assets have been frozen by Sui validators, with the remainder under investigation.
BitJeton's Security Advisory
- Visit Revoke.cash (or the Sui-native equivalent) to revoke all approvals for Cetus Protocol smart contracts.
- Avoid interacting with Cetus Protocol or its dApps until a full security audit is complete.
- Keep wallet permissions minimal and only connect to contracts you fully understand.
- Use reputable wallets with strong signing confirmation features.
DeFi Risk Still Real in 2025
The Cetus exploit highlights ongoing security risks in decentralized finance, even in emerging ecosystems like Sui. Smart contract vulnerabilities, unchecked protocol upgrades, and liquidity risks remain critical threats to users and protocols alike.
Final Thoughts
BitJeton remains unaffected by the Cetus exploit, but we stand with the community in advocating for improved DeFi security standards.
Need Help?
If you have questions about this exploit or need assistance, visit our Contact Page. We’re here to guide you through every step.