The Nemo protocol, a decentralized finance performance platform (DEFI) that operates in the Sui block chain, was the victim of a cyber attack that resulted in losses of $ 2.4 million just before its maintenance window scheduled on Monday and Tuesday.
The security violation was initially detected by PatchShieldalert on September 8, which reported through X that approximately $ 2.4 million in USDC had been drained from Nemo systems.
According to Blockchain’s security firm’s investigation, the hacker quickly moved stolen assets through the circle by joining the USDC in the referee to Ethereum.
TVL of $ 6.3 million 75% is blocked as users flee from the nemo protocol
Nemo acknowledged the incident on a posterior tweet, stating that the protocol had experienced a security violation last night that affected his market group.
The development team confirmed that an investigation was in progress to identify the root cause of vulnerability.
As a precautionary measure, all smart contract operations stopped temporarily.
The impact of the attack was felt immediately. According to Defillama data, the total blocked Nemo value (TVL) collapsed to approximately $ 1.57 million from more than $ 6.3 million before rape.
Users withdrawals exceeded USDC and SUI tokens of $ 3.8 million as investors rushed out, for fear that the scope of the exploit could be more extensive than it initially revealed.
The violation specifically aimed at the Nemo Performance Quotation mechanism, which allows users to divide the assets are in the main tokens (PT) and performance tokens (YT) for performance speculation purposes.
According to Blockchain Security Auditor Certik, safety risks can arise from multiple sources, including coding errors, Vulnerabilities of Red Blockchain and programming language limitations.
Sui Blockchain’s security crisis contributed to the defi losses of $ 2.37 billion in 2025
In particular, Nemo’s security violation marks the third great hacking aimed at the protocols defi this month.
At the beginning of September, the Venus protocol lost $ 13.5 million to the attackers, followed by a theft of $ 8.4 million of the Bunni protocol.
Similarly, in the sui ecosystem, the incident of Nemo follows another significant violation in the network of layer 1 from this year.
On May 22, the CETUS protocol, an outstanding supplier of decentralized exchange and liquidity, suffered an exploit of $ 223 million.
The attacker took advantage of an arithmetic overflow defect in a third -party code library to complete the drainage in 15 minutes.
In addition, these defenders are increasing in 2025.
The mid -year analysis of Slowmist revealed that the blockchain sector experienced more than $ 2.37 billion in losses among 121 security incidents during the first half of the year.
Defi protocols only represented 76% of these cases, although centralized exchanges registered greater individual losses.
A complementary report of the mid -year security evaluation of Hacken estimated the total losses of the cryptographic industry of more than $ 3.1 billion in the first six months.
Access control vulnerabilities, including poorly configured wallets and inherited inherited keys, represented 59% of these losses, while the exploits of intelligent contracts defi specific accounted for $ 263 million, or approximately 8%.
A recent interview between Cryptonews and Mitchell Amador, founder and CEO of Immunefi, highlighted why conventional security methodologies are inappropriate in the open source ecosystem of web3.
Amador explained that “traditional audits, being static and centered prior to launch, do not identify the vulnerabilities after the deployment present in dynamic defi environments.”
He advocated errors reward programs as a solution to encourage ethical computer pirates, fundamentally restructuring the cybersecurity economy so that defensive measures are more lucrative than offensive.
The protocol after Nemo loses $ 2.4 million to computer pirates in Sui Blockchain before planned maintenance appeared first in Cryptonews.