The incentive for retrieving the stolen funds from the Sui-based decentralized exchange, Cetus, bears a striking similarity to a tactic that proved effective in a project on the Solana network about three years back.
It’s been discovered that Cetus and Crema Finance, a decentralized finance (DeFi) project on Solana, have the same development team. Notably, Crema Finance was hit by a $9-million hack in 2022 but managed to recoup most of the stolen funds through negotiations with the hacker. Now, it seems that Cetus is adopting a similar approach.
Cetus is requesting that the hacker gives back nearly all of the stolen money, leaving only around $6 million or approximately 2,324 Ether (ETH), in exchange for a pledge not to take any further legal action. This theft occurred during an exploit on May 22nd, which cost the protocol a total of $223 million.
Criticism has arisen among users due to the magnitude of the reward, as they are advocating for a structured reimbursement system instead. Some members within the community contend that regardless of the recovery of funds, much harm has already been inflicted—particularly on those who hold the CETUS token, as its value significantly decreased post-incident.
Simultaneously, Sui validators are facing criticism for their part in locking up the funds, which they argue is to facilitate recovery. However, detractors claim that this action highlights potential issues with centralization within the system.
Sui’s Cetus devs have a phantom exchange on Solana
In a past scenario, a tactic much like what the Cetus team utilized in Sui was effective in retrieving funds for Crema. Fast forward to today, Solana’s X account has not been updated since March 2023, and its trading platform now barely sees any activity, yet despite this decline, it appears that the hacker did not fare well in the end.
In the year 2022, the company Crema experienced an estimated loss of around 9 million dollars due to a hacking incident. Similar to what happened with Cetus, the hacker who attacked Crema was given a proposition: they could return the remaining funds while retaining approximately 1.6 million dollars, provided they did not inform law enforcement about the attack.
It is said that the individual suspected of being a hacker has been apprehended and subsequently imprisoned. In April 2024, Shakeeb Ahmed was sentenced by the US Attorney’s Office for the Southern District of New York to serve a three-year prison term due to his criminal activities involving two distinct cryptocurrency exchanges. Among these exchanges, one was recognized as Nirvana Finance, while the identity of the other remained undisclosed.
The specific circumstances surrounding the incident at the undisclosed exchange mirror the way Crema’s hack was carried out. This includes the precise date when the breach occurred as well as the conditions outlined in their agreement.
Norbert Bodziony, founder of Nightly App, claims the Cetus team was behind Crema Finance.
In a recent discussion, Bodziony chose not to reveal the specific means by which he discovered the connection between himself and CryptoMoon. However, he did mention that this relationship is widely recognized within the development community of Sui.
cryptoMoon attempted to contact Cetus for clarification on their potential link, however, there was no response from them before the publication date.
CryptoMoon has separately learned that both projects are founded by Henry Du.
Save Cetus; centralize Sui
Sui’s validator group has jointly prevented transactions from the hacker’s accounts, thereby locking up approximately $162 million of the pilfered assets within Sui. Prior to this security measure, around $63 million had already been transferred to Ethereum.
Despite the joint action proving successful in thwarting money laundering, the digital currency fraternity has voiced concerns over Sui for appearing excessively centralized.
As an analyst, I’m observing a concerning development: SUI‘s validators appear to be working together to suppress the hacker’s transactions at this moment. This raises questions about the decentralization of SUI. In essence, yes, this could be considered centralization. However, it’s crucial to delve deeper and understand the underlying reasons. The founders hold a significant portion of the supply, and there are only 114 validators involved. This structure, while not ideal for full decentralization, doesn’t necessarily mean SUI is inherently flawed. Instead, it highlights the importance of transparency, governance, and the long-term strategy for expanding the validator pool, which could ultimately lead to a more robust and truly decentralized network. (Justin Bons’ tweet on X)
It’s worth noting that compared to its more seasoned smart contract counterparts, Sui currently boasts only 114 active validators. For instance, Ethereum counts over a million validators and Solana has approximately 1,157.
Simultaneously, supporters from the Sui community justified the action, stating that such behavior aligns with how authentic decentralized networks operate in the real world.
One member of the Sui community expressed that decentralization isn’t about passively watching harm occur, but rather having the ability to collaboratively take action, without requiring approval.
After the hack, Sui programmers wrote code for a potential function that could have circumvented all verification and security measures by including certain transactions on a preferred list, known as a whitelist.
Although the function might have aided in the recovery of misappropriated assets, it sparked apprehensions regarding centralized authority and the potential weakening of decentralization. Consequently, the code wasn’t integrated into the system and is currently not operational on the network.
Sui and Cetus backlash contrasts recent hacks
The Cetus vulnerability has brought attention to the ongoing security issues within Decentralized Finance (DeFi), and it’s also sparking more profound debates about the true governance structure of networks like Sui, which are touted as being decentralized.
The team’s six-million-dollar proposal to the hacker follows a similar strategy they employed with Crema, but the crypto world seems less lenient this time around. With CETUS plummeting, trust deteriorating and validators blocking funds, skeptics wonder if Sui’s decentralization is more for show than substance.
The discussion about decentralization is not exclusive to Sui. For instance, when Bybit suffered a $1.4 billion loss in a cyberattack traced back to North Korean hackers in February, there were calls from security experts and users for platforms such as THORChain and eXch to restrict these funds.
Conversely, THORChain faced criticism for not taking action, whereas Sui is currently under fire for doing so.
At the moment, the hacker has yet to respond to Cetus’ proposal. There are two Ethereum wallets linked to the culprit that currently possess more than $60 million in ETH, showing no activity as we speak. The Sui accounts appear to be frozen.
Read More
- DC: Dark Legion The Bleed & Hypertime Tracker Schedule
- PENGU PREDICTION. PENGU cryptocurrency
- Netflix’s ‘You’ Season 5 Release Update Has Fans Worried
- Clair Obscur: Expedition 33 ending explained – Who should you side with?
- All 6 ‘Final Destination’ Movies in Order
- 30 Best Couple/Wife Swap Movies You Need to See
- Clair Obscur: Expedition 33 – Every new area to explore in Act 3
- All Hidden Achievements in Atomfall: How to Unlock Every Secret Milestone
- The Last Of Us Season 2 Drops New Trailer: Premiers April On Max
- ANDOR Recasts a Major STAR WARS Character for Season 2
2025-05-23 17:42