SUI區塊鏈生態系統受到了巨大的安全漏洞的震動

CETUS協議是其最大的分散交易所（DEX）和流動性提供商，證實了據報導的漏洞，據報導造成了超過2億美元的排水資金。

A massive security breach within the Sui blockchain ecosystem has come to light, with Cetus Protocol, the largest decentralized exchange (DEX) and liquidity provider on the network, confirming an exploit that has reportedly resulted in over $200 million being drained from its protocols.

SUI區塊鏈生態系統內的大規模安全漏洞已經曝光，CETUS協議，該網絡上最大的分散交易所（DEX）和流動性提供商，據報導，據報導，該漏洞已導致超過2億美元的資金從其協議中耗盡了超過2億美元。

The exploit, which came to light on Thursday, saw attackers utilize "spoof tokens" to manipulate Cetus Protocol's internal price curves and liquidity reserve calculations. By adding nearly zero liquidity with these artificial tokens, the malicious actors were allegedly able to trick the system into allowing them to repeatedly withdraw real assets like SUI and USDC from various liquidity pools without needing to meaningfully deposit any value.

週四揭露的漏洞利用利用攻擊者利用“欺騙令牌”來操縱CETUS協議的內部價格曲線和流動性儲備金計算。通過在這些人造代幣中添加幾乎為零的流動性，據稱惡意演員能夠欺騙該系統，使他們能夠從各種流動性池中反复撤回像SUI和USDC這樣的真實資產，而無需有意義地存入任何價值。

The incident was confirmed by Cetus Protocol itself via an X post, in which it stated that its smart contracts have been temporarily paused out of safety precautions as a full investigation into the matter is ongoing. The protocol noted that approximately $162 million of the compromised funds had been "paused," indicating efforts are being made to recover a substantial portion of the stolen assets, potentially with cooperation from the Sui Foundation.

CETUS協議本身通過X帖子證實了這一事件，其中指出，由於對此事的全面調查，其智能合約已暫時暫停出於安全預防措施。該協議指出，大約1.62億美元的折衷資金被“暫停”，表明正在努力追回大部分被盜資產，可能在SUI基金會的合作下進行。

As of Thursday morning, Cetus Protocol's smart contracts have been paused to prevent further theft of funds. We have also engaged the broader Sui ecosystem and several third parties for incident analysis and fund tracing, successfully flagging the hacker’s accounts.

截至週四早上，CETUS協議的智能合約已暫停，以防止進一步盜竊資金。我們還聘請了更廣泛的SUI生態系統和幾個第三方進行事件分析和資助追踪，並成功地標記了黑客的帳戶。

Moreover, we have identified and patched the root cause of the exploit, quickly notifying other ecosystem builders to avoid such vulnerabilities. We are also working with professional anti-cybercrime organizations for specialized support in tracing the funds and potentially negotiating with the hacker. Finally, we are in contact with relevant law enforcement to arrange further assistance.

此外，我們已經確定並修補了利用的根本原因，並迅速通知其他生態系統構建者以避免這種脆弱性。我們還與專業的反週期組織合作，以尋求資金並可能與黑客進行談判。最後，我們正在與相關執法部門聯繫以安排進一步的幫助。

On-chain analysis reveals that the attacker's wallet, (which we will not be linking out of respect for user privacy), is still active and holds millions in SUI tokens. A large sum of USDC has also been bridged to other chains, likely in an effort to quickly obfuscate the stolen funds.

鏈上分析表明，攻擊者的錢包（我們不會出於對用戶隱私的尊重而鏈接），仍然活躍，並持有數百萬個SUI令牌。大量USDC也已被橋接到其他連鎖店，可能是為了迅速使被盜的資金混淆。

This large-scale theft has exposed a critical vulnerability within the Sui DeFi infrastructure, as key token pools on the chain are now nearly empty, rendering trading functionality nearly impossible.

這種大規模的盜竊案在SUI Defi基礎架構中暴露了一個關鍵的漏洞，因為鏈條上的關鍵令牌池現在幾乎是空的，幾乎不可能使交易功能變得不可能。

While the exact nature of the vulnerability is still being investigated by several community members, security experts are pointing towards an "oracle manipulation attack." This method involves deceiving a protocol's price oracle – the mechanism that feeds external price data to smart contracts – into misrepresenting asset values, allowing attackers to exploit discrepancies.

雖然幾位社區成員仍在調查脆弱性的確切性質，但安全專家指出了“甲骨文操縱攻擊”。該方法涉及欺騙協議的價格甲骨文（將外部價格數據供應智能合約的機制）誤解了資產價值，從而使攻擊者能夠利用差異。

In the immediate aftermath, Cetus Protocol's native token, CETUS, has plummeted by over 40%, while numerous Sui-based meme coins experienced even steeper declines, with some losing over 90% of their value. Despite the widespread panic and significant disruption to the ecosystem's liquidity, the native SUI token itself has shown surprising resilience, with its price experiencing only minor fluctuations following the news.

在緊隨其後的是，Cetus協議的原始令牌Cetus跌落了40％以上，而許多基於SUI的Meme硬幣的下降甚至更高，其中一些損失了其價值的90％以上。儘管對生態系統的流動性造成了廣泛的恐慌和嚴重的破壞，但本地的Sui代幣本身表現出令人驚訝的彈性，其價格在新聞後僅出現微小的波動。