Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Anthropic’s Claude Fable 5 Crypto Hacks
    Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses
    CLARITY Act Stalls Why Senate's August Recess Puts US Crypto Rules at Risk
    CLARITY Act Stalls: Why Senate’s August Recess Puts US Crypto Rules at Risk
    Three Stories, One Pattern Why Binance Is Having Its Worst Week Since the Pardon
    Three Stories, One Pattern: Why Binance Is Having Its Worst Week Since the Pardon
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Inside the Trump Family’s $1.2B Crypto Windfall Who Paid the Price
    Inside the Trump Family’s $1.2B Crypto Windfall: Who Paid the Price?
  • Opinion
    OpinionShow More
    The Bitcoin Treasury Blueprint What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    The Bitcoin Treasury Blueprint: What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
DeFi News

Verus Hacker Returns $8.5M After Bridge Exploit Deal

The hacker drained $11.58M from the Verus-Ethereum bridge before returning 75% of the stolen funds under a negotiated bounty deal.

Written By Kenrodgers Fabian Kenrodgers Fabian
Fact Checked by Divya Mistry Divya Mistry
Published 2026-05-22·Updated 1 month ago
Make The Crypto Times preferred on GoogleGoogle
Share
Verus Hacker Returns $8.5M After Bridge Exploit Deal
Show AI Summary
A hacker exploited systemic flaws in the Verus cross-chain bridge’s verification process to steal funds
The breach was made possible by weaknesses in the bridge’s transaction approval system, not broken private keys
The incident highlights structural failures in cross-chain systems, echoing past exploits like Wormhole and Nomad

A hacker has returned Ethereum worth about $8.5 million after exploiting the Verus cross-chain bridge, renewing attention on so-called white-hat bounty deals in decentralized finance. The attacker sent back 4,052.4 ETH to the Verus team following negotiations, while keeping 1,350 ETH worth roughly $2.8 million under a previously agreed bounty arrangement. 

Blockchain security firm PeckShield confirmed the transfer on X and said the returned funds accounted for about 75% of what was stolen.

#PeckShieldAlert The @veruscoin Bridge exploiter has returned 4,052.4 $ETH (~$8.5M) to the team address: 0xF9AB…C1A74.

The returned funds represent 75% of the stolen total, leaving a 25% bounty (1,350 $ETH, ~$2.8M) in the exploiter's wallet. https://t.co/ZFIqnHBwZk pic.twitter.com/vPsiOigyQ5

— PeckShieldAlert (@PeckShieldAlert) May 22, 2026

On May 18, funds worth around $11.58 million were drained from the Verus-Ethereum bridge. The breach affected ETH, tBTC, and USDC, and exposed a weakness in the bridge’s verification process. Security researchers said the attacker did not break private keys. Instead, they exploited flaws in how the system checked and approved transactions, which allowed unauthorized withdrawals to pass.

Investigators compared the technique to past bridge exploits, including Wormhole and Nomad. As a result, concerns have increased around the security of cross-chain systems, which continue to face repeated structural failures across decentralized finance networks.

Verus negotiates with exploiter

The Verus team moved quickly into negotiations after the exploit became public. It offered the attacker a 1,350 ETH bounty if they returned the remaining funds within 24 hours. The proposal also included a promise to drop investigations if the attacker fully complied with the terms.

In a public statement on X, Verus wrote: “We have agreed that the bounty amount will be 1350 ETH.” The team also said it would halt all investigations if the attacker followed the agreement. As a result, the communication framed the deal as a structured return process rather than a legal escalation.

The attacker later returned the funds to the specified address. This outcome triggered renewed debate across the crypto community on white-hat bounty arrangements. Some developers support such negotiated recoveries as practical risk control. However, critics argue these deals may encourage more exploit attempts in future breaches.

Verification weakness triggered the attack

Security firm Blockaid traced the Verus exploit to a structural flaw in the bridge’s verification system. Investigators said the protocol failed to properly confirm whether reserve funds existed on the originating chain before approving transactions.

The attacker took advantage of this gap by creating a small 0.02 VRSC transaction with altered export data. The system accepted the request because it technically followed existing rules, even though the underlying balance checks were incomplete. As a result, the attacker managed to trigger large withdrawals while paying only about $10 in transaction fees.

Blockaid said the exploit bypassed a key safety check known as “checkCCEValues.” Researchers also noted that developers could fix the issue with a relatively small update, estimated at around 10 lines of Solidity code.

Bridge hacks continue to threaten DeFi

Bridge attacks have continued to pressure decentralized finance platforms throughout 2026. Data from PeckShield showed hackers have stolen about $328.6 million across eight bridge-related exploits this year alone.

Separate figures from DeFiLlama indicate that total crypto losses now exceed $16.5 billion over time. Cross-chain bridge attacks account for roughly $3.22 billion of those losses. Thus, worries about the dangers associated with interoperability technologies become more widespread within the cryptocurrency sector.

Crypto hacks and DeFi exploit losses over time chart
Source: DeFiLIama

The Verus situation represents another example of this trend, although in this case the team succeeded in returning the stolen coins. The project’s decision is also representative of a new industry-wide tendency, where certain development teams choose to negotiate rather than pursue lengthy court cases to recover major chunk of stolen funds.

Also Read: Global Police Seize Crypto Wallets, Bank Funds in $752M Scam

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

TAGGED:Crypto Hack
Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link

Latest News

EMURGO Winds Down SecondFi for Good as Cardano Hack Recovery Drags On
EMURGO Winds Down SecondFi for Good as Cardano Hack Recovery Drags On
ZachXBT Dumps Unauthorized Meme Coins to Fund $41K Charity Donation
ZachXBT Dumps Unauthorized Meme Coins to Fund $41K Charity Donation
Michael Saylor’s Strategy Liquidates 3,588 BTC Hours After Preaching Bitcoin Supremacy
Michael Saylor’s Strategy Liquidates 3,588 Bitcoin Hours After Preaching Bitcoin Supremacy
Will XRP Price Recover After Ripple’s MiCA License On-Chain Data Signals Hope
Will XRP Price Recover After Ripple’s MiCA License? On-Chain Data Signals Hope
Hyperliquid Open Positions Top 305K as Traders Strategize Around Major Crypto Breakout
Hyperliquid Open Positions Top 305K as Traders Strategize Around Major Crypto Breakout

Find Us on Socials

You may also like

Summer Finance Hit by Suspected Flash Loan Exploit Worth Nearly $6M

Summer Finance Hit by Suspected Flash Loan Exploit Worth Nearly $6M

Aave DAO Clears stcUSD Listing for MegaETH Lending Market

Aave DAO Clears stcUSD Listing for MegaETH Lending Market 

Gnosis Pay Restores 100% User Funds After $1.8M Crypto Exploit

Gnosis Pay Restores 100% User Funds After $1.8M Crypto Exploit

Hinkal Protocol Reveals Initial Cause Behind $820K Ethereum Exploit

Hinkal Protocol Reveals Initial Cause Behind $820K Ethereum Exploit

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information