Nemo: Asset Loss Attacks Caused by Launching New Features in Under-Automated Audit
Source: ForesightNews
Time: 2025-09-11 10:48:13
Sui Ecological Lending Agreement Nemo released an accident report saying that due to the security vulnerability of flash_loan and get_sy_amount_in_for_exact_py_out functions in the contract, the attacker used the assets to cause about $2.59 million in asset losses. The attack originated from developers launching new features without sufficient audit and not fixing known risks in a timely manner. The attacker's main funds have been transferred to Ethereum through a cross-chain bridge. At present, the team has frozen the core functions of the agreement, the vulnerability patch has been submitted for emergency audits, and a user compensation and asset tracking plan has been formulated.