Key Takeaways:
- Cetus is offering a $6M bounty for the return of $56M in ETH stolen during a $223M exploit.
- Sui validators froze addresses linked to the hack, pausing $162M in compromised tokens.
- The incident sparked criticism over Sui’s centralization as token values, including CETUS, crashed.
Cetus Protocol, a decentralized exchange built on the Sui blockchain, is offering a $6 million bounty to the hacker behind a $223 million exploit that rocked the platform earlier this week.
The reward is part of a time-sensitive deal to recover a portion of the stolen assets — specifically, 20,920 ETH valued at around $56.3 million that was bridged to Ethereum.
Cetus Reaches Out to Hacker
In a late-night post on X, Cetus confirmed it had identified the Ethereum wallet used in the attack and had reached out to negotiate with the hacker.
“In exchange, you can keep 2,324 ETH (~$6M) as a bounty, and we will consider the matter closed,” the team said in a message co-signed by data analytics firm Inca Digital.
The message warned that legal and intelligence operations would begin if the attacker attempts to off-ramp or mix the assets.
The breach, which occurred Thursday, exploited a vulnerability in Cetus’ liquidity pool smart contracts.
The attacker drained millions in crypto, some of which were quickly swapped into USDC and converted to ETH. Cetus claims the vulnerability has now been patched.
Sui Network, the underlying blockchain for Cetus, responded by coordinating with validators to freeze addresses associated with the stolen funds.
“A large number of validators identified the addresses with the stolen funds and are ignoring transactions on those addresses until further notice,” the Sui Foundation said.
According to the Sui team, roughly $162 million worth of compromised tokens have been “paused” as a containment measure.
Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.
Since taking the actions indicated in our previous announcement, we have also done the following:
1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD
— Cetus
(@CetusProtocol) May 22, 2025
(@CetusProtocol) While Cetus applauded the collaborative effort with DeFi protocols and Sui stakeholders, the incident raised red flags in the crypto community over the level of control exercised by the network.
“Does that make SUI centralized? The short answer is YES,” wrote Cyber Capital founder Justin Bons, criticizing the validators’ ability to censor transactions.
He pointed to the network’s validator count and token supply concentration as key concerns.
In the aftermath, Cetus’ native token CETUS plunged 50% and currently trades at $0.1714, according to CoinGecko.
Other tokens tied to the protocol, including LOFI and HIPPO, suffered similar losses.
Crypto Lost $1.6 Billion to Hacks in Q1
In the first three months of 2025, the crypto ecosystem lost a whopping $1,635,933,800 across 39 incidents, according to the blockchain security platform Immunefi.
Most of that was the result of only two hacks of two centralized exchanges. Phemex suffered a $69.1 million loss in January, while Bybit lost $1.46 billion in February.
Subsequently, the total number of losses in the first quarter marks a 4.7x increase compared to Q1 2024. At that time, hackers and fraudsters stole $348,251,217.
Notably, experts assume that the infamous North Korean Lazarus Group is behind the two largest attacks. They stole $1.52 billion, or 94% of total losses.
The post Cetus Offers $6M Bounty to Hacker for Return of $56M in Stolen ETH appeared first on Cryptonews.
Credit: Source link