Nemo Protocol $2.6M Hack: How Flash Loan Flaws and Audit Failures Led to Exploit
Source: Nemo Security Incident: Cause, Process, and Fund Tracing Report V1.1
On September 7, 2025, the Nemo protocol suffered a major security breach, resulting in a loss of approximately $2.59 million. This document breaks down how the attack occurred, why it wasn’t caught sooner, and steps underway to contain the fallout.
How the Attack Happened
The exploit hinged on two key vulnerabilities running in tandem:
- Public Exposure of Flash Loan Function: Originally designed as an internal feature, the
flash_loanfunction was mistakenly made publicly accessible. While not the root cause, this acted as an "accelerant" allowing quick fund manipulation. - Critical Flaw in Query Function: The function
get_sy_amount_in_for_exact_py_outwas intended only to fetch pricing data but contained a serious bug that enabled unauthorized modification of the contract’s internal state.
Attack Phases
1. Primary Attack: The attacker leveraged the flash_loan along with calls to borrowing and swapping functions to manipulate the SY/PT liquidity pool. They minted large amounts of SY tokens improperly, repaid the flash loan, and drained the pool.
2. Secondary Attack: The distortion of the exchange rate enabled arbitrageurs to exploit incorrect prices via the Claim_Reward function, extracting further assets.
Root Causes: Governance & Development Shortcomings
- Audit and Deployment Failures: The initial audit by MoveBit confirmed the
flash_loanas internal and safe. However, developers added new, unaudited features – including the vulnerableflash_loanand query function – after the initial audit but before deployment. - Single-Signature Upgrade Process: Upgrades were managed by a single key, which allowed the deployment of unaudited and unsafe code without sufficient oversight.
- Delayed Bug Fixes: An earlier warning from the Asymptotic security team about the
update_current_exchange_ratefunction was not addressed promptly due to prioritization issues.
Timeline Highlights
- January 5-6, 2025: The vulnerable code version was deployed without full audit confirmation.
- April 3, 2025: Upgrade governance improved to multi-signature control, but only after vulnerable code was already on mainnet.
- August 11, 2025: Security concerns raised by Asymptotic were deprioritized.
- September 7, ~16:00 UTC: Attack was initiated.
- September 7, ~16:50 UTC: Emergency pause activated, and security teams engaged.
Fund Tracing and Asset Status
- Attacker wallets identified on Sui blockchain: https://suivision.xyz/account/0x01229b3cc8469779d42d59cfc18141e4b13566b581787bf16eb5d61058c1c724?tab=Activity
- Funds moved via Wormhole CCTP bridge to Ethereum, routed through intermediate and final wallets holding roughly $2.4 million in stolen assets.
Ethereum addresses:
- https://etherscan.io/address/0x135477aa627a3bcc3223bde10dd8e7c55a1f645c
- https://etherscan.io/address/0x41b1906c4bcded607c6b02861ce15c2e49ff7576
Mitigation & Next Steps
- Protocol Paused: Core functions halted to prevent further damage.
- Patches Ready:
flash_loanfunction made internal only, removing public exposure.- Query function fixed to enforce read-only state.
- Vulnerabilities in exchange rate update fixed as well.
- Audit: Emergency incremental audit underway with Asymptotic; plan to engage additional firms for independent review.
- State Restoration: Manual reset functions added to fix corrupted backend data (e.g., pricing indices).
- Liquidity Pool Rebalancing: Ongoing loss modeling to quantify and restore pool asset ratios. Capital injections will aid recovery.
- User Compensation: The core team is designing compensation plans involving tokenomics-based debt structuring, to be shared soon with the community.
- Collaboration With Law Enforcement: Active cooperation with security firms, exchanges, and investigators is ongoing to track and freeze stolen funds.
Lessons and Reflections
Nemo’s team acknowledges the incident as a clear warning that:
- Security complacency is costly. Even with multiple audits and upgrades, critical new features require uncompromising scrutiny before deployment.
- Strong governance structures matter. Single-key upgrades enabled unsafe code releases.
- Clear communication and prioritization of security warnings are essential.
The team commits to bolstering security, increasing transparency, expanding audit and bug bounty programs, and maintaining continuous vigilance moving forward.
