Nemo Protocol launched its NEOM debt token program to compensate victims of a $2.6 million exploit that devastated the Sui-based DeFi platform on September 7.
The protocol will situation one NEOM token for each greenback misplaced, permitting customers to assert debt tokens whereas migrating remaining property to safe multi-audited contracts.
The hack originated from a rogue developer who secretly deployed unaudited code containing vital vulnerabilities, bypassing inner evaluation processes via single-signature deployment.
The attacker exploited flash mortgage features incorrectly uncovered as public and question features that might modify contract state with out authorization.
Nemo’s whole worth locked collapsed from $6.3 million to $1.57 million as customers withdrew over $3.8 million price of USDC and SUI tokens following the breach.
The exploit occurred throughout one in every of crypto’s worst safety days in 2025, coinciding with SwissBorg’s $41.5 million SOL hack and the Yala stablecoin depeg assault.
Official Replace:
Following the September 8 safety incident, Nemo Protocol has finalized a complete compensation plan. We stay dedicated to transparency and accountability.
We’re deeply grateful to our group and companions for his or her belief and assist, and we’ll… pic.twitter.com/OWDIG5PSyA— Nemo (@nemoprotocol) September 15, 2025
Rogue Developer’s Secret Code Deployment Triggers Safety Disaster
The autopsy investigation revealed systematic safety failures relationship to January 2025 when the unnamed developer submitted code containing unaudited options to MoveBit auditors.
The developer failed to spotlight new additions whereas mixing beforehand audited fixes with unreviewed performance, making a compromised basis.
MoveBit issued its ultimate audit report based mostly on incomplete info, because the developer used unauthorized good contract variations.
The crew deployed contract model 0xcf34 utilizing a single-signature tackle 0xf55c, somewhat than audit-confirmed hashes, thereby circumventing established evaluation protocols completely.
Asymptotic crew recognized the vital C-2 vulnerability in August, warning that features may modify code with out permission.
The developer dismissed severity considerations and didn’t implement crucial fixes regardless of accessible assist from safety companions.
Assault execution started at 16:00 UTC on September 7 with hackers leveraging the flash mortgage operate and a recognized question vulnerability.
Detection occurred thirty minutes later when YT yields displayed over 30x returns, indicating system compromise.
@nemoprotocol blames $2.6M exploit on rogue developer who deployed unaudited code with flash mortgage vulnerabilities, bypassing evaluations.#Sui #Crypto #hackhttps://t.co/lZctUh16tY
— Cryptonews.com (@cryptonews) September 11, 2025
The developer drew inspiration from Aave and Uniswap protocols to maximise composability via flash mortgage capabilities, however critically underestimated safety dangers.
Capabilities designed for read-only functions contained write capabilities, creating the first assault vector that enabled the devastating breach.
NEOM Restoration Program Provides Market-Primarily based Exit Technique
The three-step restoration program begins with asset migration, permitting customers to switch residual worth from compromised swimming pools to new safe contracts via one-click actions.
Customers concurrently obtain NEOM debt tokens pegged 1:1 to their USD losses decided by pre-hack snapshots.
Nemo will inject worth into NEOM via a multi-tiered redemption waterfall mannequin, with recovered hacker funds forming the first supply for proportional claims.
Exterior capital injections, comparable to liquidity loans and strategic investments, will present secondary assist as confidence anchors.
The protocol established instant AMM liquidity swimming pools with vital depth on main Sui DEXs, creating immediate market-based exit paths for customers prioritizing liquidity over long-term restoration.
The NEOM/USDC buying and selling pair allows market pricing based mostly on perceived restoration timelines and protocol success likelihood.
The hack contributes to 2025’s devastating DeFi safety disaster, with over $2.37 billion misplaced throughout 121 incidents throughout the first half alone.
September emerged as notably damaging with SwissBorg’s SOL compromise, npm provide chain assaults affecting billions of downloads, and the Yala stablecoin shedding its greenback peg.
The Yala stablecoin ($YU), a Bitcoin-native over-collateralized stablecoin backed by Polychain, misplaced its greenback peg after a protocol assault despatched $YU crashing to $0.2074.#Stablecoin #Bitcoinhttps://t.co/RxbGVEG6Ba
— Cryptonews.com (@cryptonews) September 14, 2025
Significantly, the Yala stablecoin (YU) assault, which occurred this weekend, noticed YU lose its greenback peg following a protocol assault that despatched the Bitcoin-native over-collateralized stablecoin crashing to $0.2074 earlier than recovering to $0.917.
The suspected attacker minted 120 million YU tokens on Polygon and offered 7.71 million throughout Ethereum and Solana for 7.7 million USDC.
For Nemo Protocol, stolen property totaling $2.59 million moved via refined laundering operations by way of Wormhole CCTP earlier than ultimate aggregation on Ethereum.
Safety groups established monitoring protocols for holding addresses whereas coordinating with centralized exchanges on potential asset freezing measures.
The protocol applied emergency incremental audits with Asymptotic whereas planning extra impartial safety agency evaluations.
The submit Nemo Protocol Points NEOM Debt Tokens to Compensate $2.6M Exploit Victims appeared first on Cryptonews.