Pools linked to BlueMove, the trading venue and launchpad on Sui, were drained on July 11, triggering allegations of an insider backdoor exploit rather than a standard contract hack. Onchain researcher Tyler Simpson, active in the Sui ecosystem, publicly accused BlueMove of pulling all the total value locked in every linked pool, estimating the drain at over 700,000 Sui tokens. That’s the specific allegation, but what’s confirmed onchain is more limited: liquidity was abruptly removed from BlueMove-connected pools, pool charts were hit hard, and tokens associated with BlueMove’s MovePump launchpad were among those affected.

So far, there’s no independently verified technical post-mortem showing how the funds were taken or whether any privileged function or hidden admin control was used. That uncertainty is key. The difference between a routine vulnerability and a backdoor set by an insider determines if the venue’s governance and trust are themselves compromised.

The timing stands out too: the Sui token had been pressing a repeatedly tested ceiling, with attention high across the chain. The exploit doesn’t directly link to the price action, but it does hit just as focus on Sui was elevated. What’s next is clarity, an onchain post-mortem and direct communication from BlueMove on potential privileged access. At this stage, the core story is substantial disruption and a governance question, but the central insider allegation remains unproven.