The team behind the Verus blockchain has recovered most of the funds stolen in its recent bridge exploit after the attacker returned 4,052 Ether worth about $8.5 million in exchange for a bounty payout.
Blockchain security firm PeckShield said the exploiter kept 1,350 ETH, valued at around $2.8 million, as part of the agreement offered by the project. The returned funds represent roughly 75% of the total amount stolen during the attack on the Verus-Ethereum bridge.
#PeckShieldAlert The @veruscoin Bridge exploiter has returned 4,052.4 $ETH (~$8.5M) to the team address: 0xF9AB…C1A74.
The returned funds represent 75% of the stolen total, leaving a 25% bounty (1,350 $ETH, ~$2.8M) in the exploiter’s wallet. https://t.co/ZFIqnHBwZk pic.twitter.com/vPsiOigyQ5
— PeckShieldAlert (@PeckShieldAlert) May 22, 2026
The recovery follows a public offer made by the Verus team, which promised to treat the retained ETH as a white hat bounty if the attacker returned the remaining 4,052.4 ETH within 24 hours.
Verus exploit ends in negotiated recovery
The Verus bridge was drained earlier this week after attackers allegedly used forged cross-chain transfer messages to move funds out of the protocol. The incident added to growing concerns around bridge security in decentralized finance.
Rather than wait for law enforcement action, the Verus team moved quickly to negotiate directly with the exploiter. The approach reflects a growing trend in the crypto industry where projects offer rewards to hackers in hopes of recovering stolen assets.
While such agreements may help recover funds faster, they do not guarantee immunity from legal action or future investigations.
Crypto hacks remain a major industry problem
Crypto-related exploits continue to pressure the digital asset sector despite a slowdown in attacks this month.
Data from DefiLlama shows DeFi hacks reached $634 million in April alone. The largest incidents included the $280 million Drift Protocol exploit and the $293 million Kelp attack.
So far in May, reported losses have dropped to around $38 million.
Still, security threats remain one of the biggest barriers to wider crypto adoption. Industry data shows hackers have stolen more than $17 billion across 518 incidents over the past decade, with compromised private keys, phishing schemes, and bridge vulnerabilities among the leading causes.
Bridge attacks continue across DeFi
The Verus incident comes during a wave of bridge-related attacks across the crypto market.
Recently, the MAPO token plunged 96% after attackers exploited the Butter Network bridge to mint unauthorized tokens. Elsewhere, Echo Protocol suspended cross-chain operations after an attacker reportedly created $76.7 million in fake eBTC on Monad before routing funds through Tornado Cash.
The attacks have renewed concerns over weak bridge validation systems, which remain a key target for hackers across DeFi.
Enjoyed this? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytics tools
