Cetus Protocol Offers 6 Million Bounty for 56.3 Million ETH Stolen

Cetus Protocol, a decentralized exchange operating on the Sui blockchain, has announced a $6 million bounty for the return of approximately $56.3 million in Ethereum (ETH) that was stolen during a recent exploit. The incident, which occurred on Thursday, involved a vulnerability in Cetus’ liquidity pool smart contracts, allowing the attacker to drain millions in cryptocurrency. Some of the stolen funds were quickly swapped into USDC and then converted to ETH.

The bounty is part of a time-sensitive deal aimed at recovering a portion of the stolen assets. Cetus has identified the Ethereum wallet used in the attack and has reached out to the hacker with a proposal. In exchange for returning the 20,920 ETH, the hacker would be allowed to keep 2,324 ETH, valued at around $6 million, as a bounty. The message, co-signed by data analytics firm Inca Digital, warns that legal and intelligence operations will commence if the attacker attempts to off-ramp or mix the assets.

In response to the breach, the Sui Network coordinated with validators to freeze addresses associated with the stolen funds. This action has effectively paused approximately $162 million worth of compromised tokens as a containment measure. The Sui Foundation stated that a large number of validators have identified the addresses with the stolen funds and are ignoring transactions on those addresses until further notice.

While Cetus has praised the collaborative effort with DeFi protocols and Sui stakeholders, the incident has sparked criticism over the level of control exercised by the network. Critics, including Cyber Capital founder Justin Bons, have raised concerns about the network’s centralization, pointing to the validators’ ability to censor transactions and the concentration of token supply. In the aftermath of the exploit, Cetus’ native token CETUS, along with other tokens tied to the protocol such as LOFI and HIPPO, experienced significant losses, with CETUS plummeting by 50% and currently trading at $0.1714.

This incident highlights the ongoing challenges faced by the cryptocurrency ecosystem in securing decentralized platforms. The exploit at Cetus Protocol is part of a broader trend of significant losses due to hacks and frauds in the first quarter of 2025. According to the blockchain security platform Immunefi, the crypto ecosystem lost a total of $1.635 billion across 39 incidents during this period. Most of these losses were attributed to two major hacks on centralized exchanges, with Phemex suffering a $69.1 million loss in January and Bybit losing $1.46 billion in February. Experts have speculated that the infamous North Korean Lazarus Group may be behind these attacks, which accounted for 94% of the total losses.