Verus Hacker Returns $8.5M in ETH After Accepting Bounty Deal

The exploiter kept 1,350 ETH, valued at around $2.8 million, as part of the agreement after Verus proposed treating the remaining funds as a white hat reward if most of the stolen assets were returned within 24 hours. The exploit targeted the Verus-Ethereum bridge through a forged cross-chain transfer vulnerability, and only added to concerns around DeFi security and bridge-related attacks in the crypto sector.

Verus Exploiter Returns Most Stolen ETH

The attacker behind the recent Verus bridge exploit the majority of the stolen funds after reaching an agreement with the project team. According to blockchain security firm PeckShield, the exploiter transferred 4,052 ETH back to the Verus team wallet, which is valued at approximately $8.5 million. In exchange, the attacker kept 1,350 ETH, worth roughly $2.8 million, as part of a negotiated bounty arrangement that was offered by the project.

The agreement was made shortly after Verus publicly proposed a settlement to the attacker. The team stated that if 4,052.4 ETH was returned within 24 hours, the remaining funds would be considered a legitimate white hat bounty rather than stolen assets. The exploiter ultimately accepted the proposal, which allowed the project to recover around 75% of the total funds lost during the attack.

itself targeted the Verus-Ethereum bridge through what has been described as a forged cross-chain transfer vulnerability. have become one of the most common attack vectors in the decentralized finance sector because they manage large amounts of liquidity while connecting separate blockchain ecosystems. Exploits involving bridges have repeatedly resulted in multimillion-dollar losses over the past several years.

The Verus incident happened during a time where DeFi-related security breaches are still a major concern for the cryptocurrency industry. According to from DefiLlama, decentralized finance hacks reached approximately $634 million in stolen funds during April alone.

Two of the largest incidents included the $280 million exploit affecting and the $293 million exploit involving . Although losses in May have dropped to around $38 million so far, security vulnerabilities still damage confidence in decentralized platforms.

These ongoing attacks are some of the biggest barriers preventing mainstream adoption of blockchain technology. As more value flows into DeFi protocols and cross-chain infrastructure, the pressure on projects to strengthen smart contract security, auditing standards, and bridge protections intensifies.