Cetus Offers Hacker $6 Million for Return of 20,920 ETH

The team behind the decentralized exchange Cetus has proposed a $6 million reward to a hacker for the return of 20,920 ETH (approximately $55.3 million at the current rate), stolen in a breach.

? Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution.

Since taking the actions indicated in our previous announcement, we have also done the following:

1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD

— Cetus? (@CetusProtocol) May 22, 2025

On May 22, the perpetrator exploited a vulnerability in the platform’s liquidity pool smart contracts. Part of the stolen assets was converted into USDC and then into Ethereum.

Cetus and the analytics firm Inca Digital have offered the hacker to keep 2,324 ETH ($6 million at the current rate) as a reward, provided the remaining funds are returned. If the hacker agrees, the project promised not to involve law enforcement or disclose the hacker’s identity.

Sui validators have blocked transactions from wallets associated with the breach. Cetus stated that $162 million of the compromised funds have been temporarily frozen to protect the ecosystem, and the vulnerability has been addressed.

The actions of Sui validators have sparked criticism within the community. Cyber Capital founder Justin Bons remarked that the transaction blocking confirms the network’s centralization: 114 validators are controlled by the founders, who own the majority of SUI tokens.

SUI’s validators are colluding to CENSOR the hacker’s TXs right now!

Does that make SUI centralized? The short answer is YES; what matters more is why?

The “founders” own the majority of supply & there are only 114 validators!

Change only happens when we all understand the why

— Justin Bons (@Justin_Bons) May 23, 2025

According to a user known as 0xTodd, Sui developers have implemented a “whitelist” feature that allows certain wallets to bypass blocks.

关于 SUI 这一手冻结的操作，我好奇研究了黑名单具体是怎么实现的，以及昨天更新的白名单补丁又要干嘛？

1. 冻结如何实现？

首先是 SUI 这条链一直就有个功能，叫做 Deny List (拒绝服务的黑名单)，凡是进了黑名单的地址，节点都不执行相关的交易。… https://t.co/DuzoVYzRqT pic.twitter.com/cg7hTQ4fXS

— 0xTodd??? (@0x_Todd) May 23, 2025

He suggests this will simplify the return of funds if the hacker agrees to the deal. At the time of writing, the hacker has not responded to the offer.

Back in May 22, online sleuth ZachXBT reported that an unknown individual involved in the theft of $300 million from Coinbase users exchanged $42.5 million in Bitcoin for Ethereum via Thorchain.