Cetus Protocol, a decentralized exchange built on the Sui blockchain, has offered a $6 million bounty to the hacker responsible for the exploit earlier this week, in hopes of recovering lost user funds.
In a statement posted late Thursday on X, Cetus confirmed it had identified the Ethereum wallet address tied to the attacker and was now engaged in negotiations to retrieve the stolen assets. The offer is described as time-sensitive and pertains specifically to the funds bridged to Ethereum during the exploit.
“We have identified the Ethereum wallet address controlled by the hacker… and reached out to negotiate the return of customer funds,” the team said.
The hack, which exploited a vulnerability in Cetus’ liquidity pool smart contracts, resulted in over $200 million in assets being drained. Some of the funds were quickly swapped into USDC, then converted into ETH, and partially bridged off Sui.
In collaboration with Inca Digital, Cetus sent a direct message to the attacker, demanding the return of 20,920 ETH (~$56.3 million) and all assets frozen on Sui wallets.
“In exchange, you can keep 2,324 ETH (~$6M) as a bounty… and we will consider the matter closed,” the message reads, warning that legal action will begin if any funds are off-ramped or laundered.
Cetus also confirmed that the vulnerability has been identified and patched, and further measures are being taken to secure the protocol.
The incident adds to a growing list of DeFi exploits in 2025, as projects race to balance open-source innovation with robust security measures.
Kosta Gushterov
Reporter at Coindoo
Kosta has been a part of the team since 2021 and has solidified his position with a thirst for knowledge, incredible dedication to his work and a “detective-like” mindset. He not only covers a wide range of trending topics, he also creates reviews, PR articles and educational content. His work has also been referenced by other news outlets.
Source: https://coindoo.com/cetus-protocol-offers-6m-bounty-to-hacker-after-exploit/