The Verus team had previously offered to halt investigations and avoid legal action if the attacker agreed to return the stolen funds within a 24 hour deadline.
The individual responsible for exploiting the Verus Ethereum bridge and stealing more than $11 million has now returned approximately $8.5 million to the project while retaining around $2.8 million as part of a negotiated white hat bounty agreement.
The recovery comes just one day after the Verus community and development team publicly proposed the reward arrangement in exchange for the attacker meeting specific conditions.
Attacker Accepts Multi Million Dollar Bounty Deal
The exploit occurred on May 17 after the attacker identified a missing validation process within one of Verus’ cross chain bridge contracts. The vulnerability allowed the hacker to withdraw approximately 103.6 tBTC, 1,625 ETH, and 147,000 USDC from the protocol.
Following the incident, the Verus team shut down its block producing nodes to prevent additional unauthorized transfers and quickly released an emergency security patch.
Later, Verus announced on social media that it was willing to offer the Ethereum bridge exploiter a bounty worth 1,350 ETH if they returned 4,052 ETH within a 24 hour period. The team also stated that it would stop all investigations and avoid pressing charges if the conditions were fulfilled.
In its public statement, the project explained that returning the requested amount to the specified address would be treated as acceptance of the agreement, after which Verus would discontinue further efforts to identify or pursue the attacker.
Blockchain security firm PeckShield later confirmed that the exploiter transferred 4,052 ETH back to the project’s wallet. The recovery represented roughly 75% of the stolen assets, while the attacker retained the remaining 25% as a bounty payment equal to approximately 1,350 ETH.
Despite the returned funds, Verus has not yet formally confirmed the recovery across its official platforms as outlined in the original agreement.
Developers Suggest Artificial Intelligence May Have Played a Role
The Verus exploit arrives during a year marked by a sharp rise in bridge related security breaches across the crypto industry. According to PeckShield, attackers have stolen approximately $328.6 million from cross chain protocols so far this year.
Affected projects include THORChain, ZetaChain, KelpDAO, HyperBridge, CrossCurve, Squid Router, and IoTeX.io.
What makes the Verus exploit particularly notable is the possibility that artificial intelligence may have assisted in carrying out the attack.
Verus lead developer Mike Toutonghi explained in a published article that AI tools may have helped the attacker understand the bridge system’s operational rules in enough detail to construct malicious transactions capable of bypassing verification checks. According to Toutonghi, the exploit manipulated the Ethereum contract into accepting fraudulent cross chain transfers.
Meanwhile, Vitalik Buterin recently shared a different perspective on the role of artificial intelligence in crypto security.
Responding to concerns from the community about AI enabling endless exploitation opportunities, Buterin argued that AI assisted formal verification systems could instead become an important defensive tool for strengthening smart contract security and reducing vulnerabilities across the crypto ecosystem.#crypto#cryptonews https://coinsignals.net https://t.me/coinsignalpublic
