Nemo Protocol, a lending platform operating on the Sui blockchain, has become the latest decentralized finance project to experience a major security incident. Reports from blockchain security company CertiK indicated that the protocol lost approximately $2.4 million after what appeared to be a price oracle manipulation.
According to CertiK’s monitoring, suspicious withdrawals were detected from a single wallet address, suggesting that the attacker may have exploited weaknesses in Nemo’s pricing data. The manipulated oracle values allegedly enabled the perpetrator to withdraw assets worth more than the collateral they had provided.
Transaction records on SuiScan appeared to validate this activity, showing a rapid sequence of transfers that drained funds from the protocol in a short period of time.
Series of recent DeFi attacks
This event is part of a broader wave of security breaches affecting the DeFi ecosystem in early September. On September 4, decentralized exchange Bunni acknowledged that an error in its smart contract logic had been exploited. That flaw, stemming from a rounding issue, resulted in manipulated liquidity pools and flash loan attacks, costing the platform nearly $8.4 million.
Just days before that, Venus Protocol announced a temporary halt of operations following a phishing incident that led to the theft of $13 million from a user’s wallet. These back-to-back events highlight the vulnerabilities that continue to plague decentralized platforms despite ongoing efforts to improve security infrastructure.
Oracles under scrutiny
The Nemo Protocol exploit has once again drawn attention to the role of oracles within DeFi systems. Price oracles, which feed external data into blockchain applications, are critical for lending and trading mechanisms. However, they have repeatedly been identified as weak points, as inaccurate or manipulated data can allow attackers to bypass safeguards and extract funds.
Observers noted that while Sui has been gaining momentum as a next-generation blockchain, the platform’s rapid growth has not been matched by equally strong security measures. The exploit at Nemo underscores how oracles remain a frequent target for hackers who are well aware of their vulnerabilities.
We have seen suspicious withdrawals of ~$2.4M from @nemoprotocol on Sui
by https://t.co/lJgzxxnpsD that are possibly price manipulation attacks on its lending protocol.Stay Vigilant! pic.twitter.com/e0R2TINbFo
— CertiK Alert (@CertiKAlert) September 8, 2025
Uncertain recovery path
As of now, Nemo Protocol has not issued a detailed statement outlining how it intends to address the breach or what steps it may take to recover lost assets. Users and industry participants are awaiting clarity on how the lending platform plans to mitigate the impact and restore confidence.
The incident has intensified discussions about the importance of robust risk management practices in DeFi. Analysts have suggested that while innovative financial models are attracting adoption, the persistent occurrence of security breaches poses significant challenges to trust and stability in the sector.
A test for Sui’s resilience
For the Sui blockchain, this case is seen as an early test of its resilience against real-world exploits. As one of the newer entrants in the blockchain space, Sui’s ability to support secure decentralized applications is now under scrutiny. The outcome of Nemo’s response may influence perceptions of Sui’s ecosystem reliability, especially among users considering participation in its growing range of DeFi projects.
With the DeFi industry facing continuous threats, the latest incident has reinforced calls for stronger security standards and better oracle designs. The coming days are expected to show how Nemo addresses the breach and whether broader safeguards will emerge to prevent similar attacks across the sector.
