TLDR
- Cetus protocol on Sui suffered a $223 million hack on May 22 and offered the hacker $6 million to return the remaining funds
- The same development team previously ran Crema Finance on Solana, which used an identical strategy after a $9 million hack in 2022
- Sui validators froze $162 million of stolen funds by blocking the hacker’s transactions, sparking centralization debates
- CETUS token dropped 35% after the exploit, while community backlash grows over the large bounty offer
- The hacker who attacked Crema Finance was later sentenced to three years in prison by a US court in April 2024
The Sui-based decentralized exchange Cetus is offering hackers a $6 million bounty to return funds stolen in a May 22 exploit. The protocol lost $223 million total in the attack.
The bounty offer mirrors a strategy used by the same development team three years ago. Cetus shares developers with Crema Finance, a Solana-based DeFi project that suffered a $9 million hack in 2022.
Crema successfully recovered most funds by negotiating with its hacker. The team offered the attacker $1.6 million to return the remaining funds without legal action.
The Crema hacker was later caught and imprisoned. In April 2024, the US Attorney’s Office sentenced Shakeeb Ahmed to three years in prison for hacking two cryptocurrency exchanges.
One exchange was identified as Nirvana Finance. The unnamed second exchange matches Crema’s hack details exactly, including the date and agreement terms.
One interesting fact is that Cetus team is also behind @Crema_Finance Solana AMM project that also got hacked in similar way back in 2022.
User were never refunded. https://t.co/ZLkMYjxw7A
— NB 😈 (@norbertbodziony) May 22, 2025
Validator Response Sparks Centralization Debate
Sui validators collectively blocked transactions from the hacker’s addresses after the Cetus exploit. This action froze $162 million of stolen funds on the Sui network.
Around $63 million had already been moved to Ethereum before validators implemented these controls. The coordinated response prevented further fund laundering but drew criticism.
Justin Bons, founder of Cyber Capital, called Sui centralized on social media. He pointed out that Sui has only 114 validators compared to Ethereum’s over 1 million and Solana’s 1,157.
Some Sui community members defended the validator action. They argued that decentralized networks should work together to prevent harm without needing permission.
Sui developers also committed code for a function that would bypass transaction safety checks. This whitelist feature could have helped recover stolen funds but raised centralization concerns.
The code was not merged into the live network. The proposed function would have allowed specific transactions to skip all signing and safety requirements.
CETUS token price fell 35% immediately after the hack announcement. The token’s value plummeted as news of the exploit spread through the crypto community.
Community Backlash Over Bounty Size
The $6 million bounty offer has drawn criticism from Cetus users and the broader crypto community. Many argue the team should focus on formal compensation plans instead.
Community members say most damage has already occurred to CETUS token holders. The token’s price crash following the hack has hurt investors regardless of potential fund recovery.
Users question whether offering such large bounties sets a dangerous precedent. Some worry it incentivizes future attacks by making hacking profitable even when caught.
The situation contrasts with other recent hacks where platforms faced criticism for different responses. When Bybit lost $1.4 billion in February, some criticized THORChain for not blocking the funds.
Both Cetus projects are founded by Henry Du according to sources. Norbert Bodziony, founder of Nightly App, confirmed the connection between Cetus and Crema teams.
The hacker has not accepted Cetus’ offer as of publication. Two Ethereum wallets linked to the exploiter still hold over $60 million in ETH with no recent movement.
The post Cetus Protocol Offers $6 Million Bounty After $223 Million Sui Hack appeared first on CoinCentral.
