
BitPulse

Crypto news and Market analysis


Nemo Protocol Exploited for $2.4 Million on Sui Blockchain, Marking Second Major DeFi Hack in 2025

By Amir Hossein Baghernezhad | September 8, 2025 | Posted in Crypto

Nemo Protocol Exploit: A Blow to Sui Blockchain’s Security

Nemo Protocol, a DeFi yield platform built on the Sui blockchain, has fallen victim to a significant exploit, resulting in the theft of millions in stablecoins. The breach was first identified by PeckShieldAlert on September 8, with initial reports indicating that approximately $2.4 million in USDC had been stolen from Nemo.

Immediate Aftermath and Investigation

The attacker promptly bridged the stolen funds from Arbitrum to Ethereum, as revealed by PeckShieldAlert’s analysis. Nemo Protocol confirmed the attack via a tweet, announcing that an investigation was underway to determine the cause of the breach. As a precautionary measure, the protocol suspended all smart contract activity.

Impact on Nemo’s Total Value Locked (TVL)

The exploit had an immediate and profound impact on Nemo’s total value locked (TVL). According to data from DeFiLlama, Nemo’s TVL plummeted to about $1.53 million, down sharply from over $6 million before the attack. The yield-trading system, which allows users to split staked assets into Principal Tokens (PTs) and Yield Tokens (YTs) to speculate on future returns, was the primary target of the exploit.

Broader Concerns for Sui Blockchain Security

The Nemo hack has raised concerns about the security of the Sui blockchain, particularly given that it is the second major exploit on the platform in 2025. The incident has significant implications for the Sui ecosystem, with many questioning the effectiveness of its security measures.

Previous Exploit: Cetus Protocol

Just months prior to the Nemo hack, Cetus Protocol, a leading decentralized exchange and liquidity provider on the Sui blockchain, was exploited for $223 million. The attacker exploited an arithmetic overflow vulnerability in a third-party math library, draining funds in under 15 minutes. Sui validators and ecosystem partners managed to freeze approximately $162 million of the stolen assets on-chain, while $60 million was bridged out to Ethereum.

Cetus Protocol’s Response

In response to the exploit, Cetus suspended its smart contracts and initiated a recovery plan. The plan included a $6 million bounty for information leading to the recovery of the stolen funds, as well as discussions of a “whitehat settlement” offering the attacker amnesty if the remaining funds were returned.

DeFi-Targeted Attacks on the Rise

The Nemo and Cetus exploits are part of a larger surge in DeFi-targeted attacks throughout 2025. According to SlowMist’s mid-year report, the blockchain industry suffered over $2.37 billion in losses from 121 security incidents in the first half of the year, with DeFi accounting for 76% of those incidents.

Crypto Industry Losses

Separately, Hacken’s 2025 mid-year security report puts total crypto industry losses at over $3.1 billion in the first six months. Access control failures, such as misconfigured wallets and legacy keys, accounted for 59% of those losses, while DeFi-specific smart-contract vulnerabilities like the Cetus bug made up $263 million, or about 8%.

Conclusion

The Nemo Protocol exploit serves as a stark reminder of the ongoing security challenges faced by the Sui blockchain and the broader DeFi ecosystem. As hackers continue to target DeFi protocols across multiple chains, it remains to be seen whether new security measures can keep pace with the rising sophistication of attacks.

