TLDR;
- Cetus offers $6M to hacker for returning 20,920 ETH stolen in exploit.
- $162M frozen; vulnerability patched; Cetus resumes operations with Sui network support.
- Sui validators blocked hacker wallets, sparking centralization concerns in community.
- Attacker silent; Cetus aims to recover remaining funds without law enforcement involvement.
Decentralized exchange (DEX) Cetus has offered a $6 million reward to the hacker responsible for a major exploit that siphoned over 20,920 ETH (valued at approximately $55.3 million) from its platform.
Cetus’s $223 Million Hole
The breach occurred on May 22, targeting smart contract vulnerabilities in Cetus’ liquidity pools on the Sui blockchain. According to the Cetus team, the attacker initially drained $11 million from the SUI/USDC liquidity pool, triggering a cascade that wiped out reserves and crashed token prices by up to 75%. The exploit led to a broader loss estimated at $223 million, although $162 million of that has since been frozen, thanks to swift action by Sui validators.
In a statement on X late Thursday, Cetus confirmed that it had halted its smart contracts immediately following the breach. “We’ve patched the vulnerability and resumed operations,” the team said, noting that it was working closely with the Sui Foundation and other ecosystem members to recover the remaining funds, estimated to be around $60 million.
$6 Million Bounty
To encourage the safe return of the stolen assets, Cetus, alongside blockchain analytics firm Inca Digital, has proposed a white hat agreement: the attacker can keep 2,324 ETH (valued at around $6 million) as a reward, provided the remaining funds are returned. The team also pledged not to involve law enforcement or disclose the hacker’s identity if they comply.
📜 Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.
Since taking the actions indicated in our previous announcement, we have also done the following:
1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD
— Cetus🐳 (@CetusProtocol) May 22, 2025
Controversy Over Sui Validator Actions
While Cetus and its partners scramble to recover the funds, the incident has sparked broader concerns over blockchain decentralization. In the wake of the exploit, Sui validators took the unprecedented step of blocking transactions from wallets tied to the hack. This intervention has drawn sharp criticism.
Cyber Capital founder Justin Bons labeled the move a sign of centralization, noting that a small group of Sui’s original developers and insiders control the majority of validator power. According to him, the Cetus exploit exposed “the illusion of decentralization.”
SUI's validators are colluding to CENSOR the hacker's TXs right now!
Does that make SUI centralized? The short answer is YES; what matters more is why?
The "founders" own the majority of supply & there are only 114 validators!
Change only happens when we all understand the why
— Justin Bons (@Justin_Bons) May 23, 2025
Additional controversy arose with reports from blockchain analyst 0xTodd, who claimed on Friday that Sui developers had implemented a “white sheet” functionality, allegedly allowing certain wallets to bypass transaction restrictions. While potentially helpful for recovering funds, critics argue it undermines user trust in the network’s integrity.
Crypto Security Challenges Persist
The Cetus breach arrives on the heels of several high-profile exploits, signaling a challenging period for DeFi security. Just a day earlier, blockchain sleuth ZachXBT revealed that a separate attacker involved in a $300 million theft from Coinbase users laundered $42.5 million in Bitcoin via THORChain. However, in that case, Coinbase declined the attacker’s demand for a $20 million ransom, instead offering a bounty for tips leading to the perpetrators.
In contrast, Cetus appears to be opting for negotiation, at least initially.
“Our highest priority is recovering user funds,” the team said in their statement, promising a full incident report in the coming days as the team continues to coordinate recovery efforts with blockchain partners and white-hat hackers.
At press time, the attacker had yet to respond to Cetus’ offer.