Nemo: $2.59 million asset loss attack stems from launching new features in under-authorized audit
Source: PANews
Time: 2025-09-11 10:38:40
PANews reported on September 11 that Nemo, the DeFi protocol on Sui, released an accident report saying that due to the security vulnerability of flash_loan and get_sy_amount_in_for_exact_py_out functions in the contract, it was exploited by the attacker, causing about US$2.59 million in asset losses. The attack originated from developers launching new features without sufficient audit and not fixing known risks in a timely manner. The main funds are transferred to Ethereum through a cross-chain bridge. The core functions of the protocol have been frozen, the vulnerability patch has been submitted for emergency audits, and the team is developing user compensation and asset tracking plans.