Cetus releases report on theft incident, will advance LP compensation plan and strengthen security audits

On May 27, Cetus released a report on a theft incident, stating that on May 22, Cetus experienced a sophisticated smart contract attack targeting the CLMM liquidity pool. Cetus promptly took measures to mitigate the impact. The attacker exploited an undiscovered vulnerability in an open-source library, manipulated the pool price downwards, established positions in high-price areas, and used an overflow check defect to inject minimal tokens into inflated liquidity. They then repeatedly executed liquidity removal operations to extract assets from the pool, repeatedly exploiting unchecked calculation functions to attack, ultimately successfully stealing funds. To protect the ecosystem's best interests, with the support of most Sui validator nodes, Cetus urgently froze two Sui wallet addresses of the attacker, which contained the majority of the stolen funds. The remaining stolen funds were exchanged by the hacker and transferred cross-chain to the Ethereum mainnet. Cetus is collaborating with the Sui security team and multiple auditing firms to re-examine the contract and conduct a multi-party joint audit to ensure the safe resumption of CLMM services after verification. Meanwhile, Cetus will enhance on-chain monitoring, initiate additional audits, and regularly release security reports. To compensate affected LPs, Cetus is working with ecosystem partners to develop a recovery plan and is calling on Sui validators to support on-chain voting to expedite the return of user assets and rebuild confidence. While legal proceedings continue, Cetus has also offered the attacker a white hat return opportunity. Cetus will issue a final ultimatum to them soon. Any updates will be transparently communicated to the community by Cetus.