The exploiter behind the Verus bridge vulnerability has returned 4,052.4 ETH, worth roughly $8.5 million, following a negotiated bounty agreement with the project's development team. Onchain data flagged by security analysts on Friday confirmed the massive transfer back to the Verus network's control, marking a rare successful recovery in the high-stakes world of cross-chain security.
Under the terms of the white-hat agreement, the attacker retained approximately $2.8 million as a bounty. This represents a substantial payout–roughly 25% of the total stolen funds–highlighting the growing leverage exploiters hold over compromised protocols. For Verus, recovering the bulk of the liquidity was the priority, even at a steep premium. The alternative was a prolonged, likely fruitless legal chase and a permanently broken bridge.
Bridge exploits remain a persistent pain point for decentralized finance (DeFi). These cross-chain protocols hold massive pools of locked collateral, making them prime targets for sophisticated smart contract manipulation. The Verus team's decision to offer a formal bounty framework reflects a pragmatic, if costly, trend in Web3 incident response: paying out millions to avoid total protocol insolvency and protect user deposits. It is a bitter pill for developers, but it secures the treasury.
The return of 4,052 ETH relieves immediate selling pressure on Ethereum. Stolen assets are frequently dumped into mixers like Tornado Cash or swapped on decentralized exchanges, which can depress spot prices and trigger localized liquidity crises. Instead, these recovered funds will be reintegrated into the Verus ecosystem, stabilizing the underlying asset backing.
Traders should monitor the Verus team's official channels for the formal redeployment of the patched bridge contract. The key risk now lies in the audit of the new code; any lingering vulnerabilities could trigger another exploit, while the successful restoration of the bridge will serve as a critical test for the project's long-term credibility and user retention. Watch the $2,100 support level for ETH as these recovered funds are re-locked into the protocol.
Verus Bridge Exploiter Returns $8.5M ETH, Keeps $2.8M Bounty
An exploiter has returned 4,052 ETH worth $8.5 million to the Verus bridge, retaining a $2.8 million bounty following an agreement with the team.