What happened?
The decentralized finance (DeFi) yield platform Nemo Protocol, operating on the Sui blockchain, fell prey to a cyberattack resulting in a loss of $2.4 million ahead of its scheduled maintenance window. The breach was initially detected by PeckShieldAlert, which reported that about $2.4 million in USDC was drained from Nemo’s systems. The hackers moved the stolen assets via Circle by bridging USDC on Arbitrum to Ethereum.
Who does this affect?
The security breach primarily affects Nemo Protocol and its users, particularly those who invested in its Market pool, which was directly impacted by the hack. Following the incident, nervous users rushed to withdraw their investments, causing Nemo’s total value locked (TVL) to plummet from over $6.3 million to approximately $1.57 million, triggering a 75% crash.
Why does this matter?
The Nemo Protocol attack is significant as it adds to the increasing number of DeFi-focused cyberattacks this year, which have resulted in over $2.37 billion losses across 121 security incidents in the first half of 2025 alone. This incident underscores the vulnerabilities inherent in blockchain networks and programming languages, highlighting the need for heightened security measures, including bug bounty programs, to protect against such exploits.