“Ok, why is literally everybody and their mom talking about Sui right now?”
If that’s you – hey, you know we got you. Let’s put an end to the pain of being unaware:
Yesterday, the Sui blockchain experienced the biggest DeFi hack of 2025.
A hacker stole $223M from Cetus, the biggest DEX aggregator on Sui.
FYI: that is about 94% of what the platform had in total value locked (TVL) the day before. So yeah, pretty big deal.
“But… how?”, said you, maybe.
Like I said – don’t worry, we got you.
The attacker exploited a flaw in Cetus’ smart contracts – and according to HackenProof CTO Alex Horlan, this is how the whole thing went down:
Step 1. Making a garbage token look valuable
The attacker made their own token – just a worthless coin called BULLA.
Now, on most DEXs, prices are set by how many coins are sitting in a pool. If there’s a lot of BULLA and only a little SUI (a legit token), the system assumes BULLA must be really valuable – because it thinks it takes a lot of BULLA to buy just a little SUI.
So the hacker dumped tons of BULLA into the pool and added only a little bit of SUI. Now the pool’s price math was tricked: it thought 1 BULLA was worth a lot of SUI, when in reality, it was garbage.
Step 2. Setting up a fake liquidity pool
Next, the hacker used BULLA to create a new liquidity pool – this time adding almost nothing to it, just enough to set it up.
When someone starts a new liquidity pool, they get LP tokens in return. These LP tokens are like a receipt showing what percent of the pool you own, and later you can trade them in to get your share of the real tokens in the pool.
But the system still thinks the fake token is super expensive, so when the attacker adds a tiny bit of it into the pool, it treats that like a huge deposit. As a result, the hacker gets a huge number of LP tokens – way more than they actually deserve.
Step 3. Cash out
Now armed with these LP tokens, the hacker starts removing liquidity – exchanging their LP tokens for real tokens from the pool.
Because the system’s math is broken from the earlier trick, it lets them keep pulling out real money – over and over – even though they barely put anything real in to begin with.
I know. Crazy stuff.
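The accounting problem in Steps 2 and 3 can be written as a check a pool monitor could run. This is an added example, not Cetus' code or anything from the original article: it assumes a simplified two-token pool, and the event schema, function names and sample numbers are all hypothetical and constructed. It flags any deposit that receives more LP tokens than the share of reserves it actually added, and shows what those LP tokens could then redeem.

```python
from dataclasses import dataclass

@dataclass
class AddLiquidity:          # one constructed add-liquidity event (hypothetical schema)
    tx: str
    reserve_a: int           # pool reserves and LP supply *before* the deposit
    reserve_b: int
    lp_supply: int
    dep_a: int               # amounts the depositor actually put in
    dep_b: int
    lp_minted: int           # LP tokens the pool handed back

def fair_lp(ev):
    """LP amount matching the smallest fraction of either reserve that was added."""
    return min(ev.lp_supply * ev.dep_a // ev.reserve_a,
               ev.lp_supply * ev.dep_b // ev.reserve_b)

def redeemable(ev):
    """What the minted LP tokens can pull back out right after the deposit."""
    supply = ev.lp_supply + ev.lp_minted
    return ((ev.reserve_a + ev.dep_a) * ev.lp_minted // supply,
            (ev.reserve_b + ev.dep_b) * ev.lp_minted // supply)

def audit(events, tolerance_bps=100):
    """Return tx labels whose LP mint exceeds the fair amount by more than the tolerance."""
    flagged = []
    for ev in events:
        if ev.lp_minted * 10_000 > fair_lp(ev) * (10_000 + tolerance_bps):
            flagged.append(ev.tx)
    return flagged

# Constructed sample events, not real chain data.
EVENTS = [
    AddLiquidity("honest", 1_000_000, 500_000, 700_000, 10_000, 5_000, 7_000),
    AddLiquidity("skewed", 1_000_000, 500_000, 700_000, 1, 1, 700_000),
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev.tx, "fair:", fair_lp(ev), "minted:", ev.lp_minted,
              "redeemable:", redeemable(ev))
    print("flagged:", audit(EVENTS))
```

The honest deposit redeems exactly what it put in, while the flagged one put in 1 unit of each token and holds a claim on half of both reserves.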
And the result was a mess:
Craaaazy stuff.
Cetus scrambled to respond:
- Paused all smart contracts to prevent more damage;
- Teamed up with the Sui Foundation and froze around $162M of the hacker’s funds. Unfortunately, the hacker had already bridged about $60M over to Ethereum;
- Offered a white hat bounty – up to $6M – if the attacker returns the Ether.
Which sounds like a pretty solid response.
But many people went like, “Uhhh… pause. Sui can freeze funds?”
Yeah, if someone can just halt transactions, it feels a lot like the traditional banking system. And for a network that calls itself decentralized, that’s a huge red flag.
On the other hand, people like crypto sleuth Matteo pointed out that what happened wasn’t centralized control – it was decentralization in action.
According to him, Sui validators from all over the world independently coordinated to stop a known malicious wallet. No one gave orders, no one had to ask permission. They just chose to act.
That, he said, is what true decentralization looks like – not being powerless, but being able to respond together as a network.
And it probably was the right choice. If you can stop someone from stealing, why wouldn’t you?
But even if this made sense, it left a crack in the idea that Sui was fully decentralized.
So yeah. And that, friends, is why everyone is freaking out about Sui. The pain of unawareness has been released.
Now you’re in the know. But think about your friends – they probably don’t know. I wonder who could fix that… 😃🫵 Spread the word and be the hero you know you are!