Exploit Drains Nemo Protocol in Minutes
Nemo Protocol, a DeFi yield platform built on the Sui blockchain, suffered a major security breach on September 8 that resulted in the loss of $2.4 million in stablecoins. Blockchain security firm PeckShieldAlert was the first to detect unusual outflows, reporting that the attacker drained USDC from Nemo before bridging the stolen assets from Arbitrum to Ethereum. The exploit targeted Nemo’s core yield-trading system, which splits staked assets into Principal and Yield Tokens to enable speculation on future returns.
Nemo confirmed the breach shortly after on X, suspending all smart contract activity and launching an internal investigation. The immediate response aimed to prevent further damage, though significant funds had already been siphoned away by the time the freeze was implemented.
TVL Collapse Highlights Scale of Impact
The aftermath of the hack was swift and severe. According to DeFiLlama, Nemo’s total value locked (TVL) plunged from more than $6 million to around $1.53 million within hours. This sharp decline underscores both the scale of the exploit and the rapid erosion of user confidence.
Community members voiced concern over the protocol’s security model, with questions raised about whether vulnerabilities in Nemo’s design had been overlooked in the race to capture liquidity. The exploit also disrupted investor sentiment in the wider Sui ecosystem, with developers and analysts pointing to a pattern of repeated breaches in 2025.
Echoes of Cetus Exploit on Sui
Nemo’s breach comes just months after another devastating attack on Sui’s DeFi ecosystem. On May 22, Cetus Protocol, a leading decentralized exchange and liquidity provider, was exploited for approximately $223 million. Attackers used an arithmetic overflow vulnerability in a third-party math library to drain funds in less than 15 minutes.
While Sui validators and partners froze about $162 million on-chain, another $60 million was successfully bridged to Ethereum. Cetus suspended its contracts and offered a $6 million bounty in hopes of negotiating a whitehat settlement, but the incident left deep scars in community trust.
Broader Trend of DeFi Exploits in 2025
The attack on Nemo adds to a troubling trend of escalating DeFi vulnerabilities in 2025. Data from SlowMist shows that the blockchain industry lost $2.37 billion across 121 security incidents in just the first half of the year. DeFi protocols accounted for 76% of all incidents, although centralized exchanges saw larger absolute losses.
A separate analysis by Hacken put overall industry losses at $3.1 billion during the same period, with access control failures—like compromised wallets and legacy keys—making up nearly 60% of the total. DeFi-specific smart contract vulnerabilities, such as the one that sank Cetus, still accounted for more than $263 million.
Security Gaps in Yield and Liquidity Protocols
Yield protocols like Nemo are particularly vulnerable because they rely on complex mechanisms for splitting, locking, and redistributing tokens. Each additional layer of functionality expands the attack surface, giving hackers more vectors to exploit. In Nemo’s case, the design of its yield-trading system appears to have been the target.
These weaknesses highlight a broader issue: while DeFi platforms race to innovate, security audits and stress-testing often lag behind. In ecosystems like Sui—still building their reputations as Ethereum alternatives—repeated exploits can hinder adoption and deter both institutional and retail users.
Market and Community Fallout
Following the attack, Nemo’s community was left rattled. Some users expressed frustration at the protocol’s lack of detailed communication, while others worried that losses might be unrecoverable. With TVL reduced to less than a quarter of its pre-exploit level, questions now surround Nemo’s ability to rebuild liquidity and restore confidence.
The Sui ecosystem as a whole also faces heightened scrutiny. Two major breaches within the same year raise doubts about whether its protocols and infrastructure are robust enough to withstand increasingly sophisticated exploits.
Calls for Stronger Security on Sui
Industry experts argue that the string of exploits on Sui is a wake-up call for stricter security standards. Suggested measures include mandatory third-party audits before mainnet launches, improved bug bounty programs, and greater collaboration with blockchain security firms. Others stress the importance of modular security frameworks that can adapt to evolving attack vectors rather than relying on static defenses.
Until such reforms are widely adopted, protocols built on Sui may struggle to shake off the reputation of being high-risk targets.
A Testing Year for Sui DeFi
The Nemo Protocol hack is not an isolated incident but part of a broader crisis facing DeFi security in 2025. With $2.4 million drained and TVL collapsing, Nemo joins Cetus as a high-profile casualty in the Sui ecosystem. As DeFi continues to attract both innovation and attacks, the ability of protocols to safeguard user funds will be the defining factor for long-term adoption.
For now, Nemo’s exploit serves as a reminder: in decentralized finance, innovation without robust security often comes at an enormous cost.












