The Verus blockchain team has successfully recovered 4,052 Ether following an attack on its bridge infrastructure, after negotiating directly with the attacker. In the agreement, the attacker kept a reward of 1,350 ETH and transferred the remainder back to the Verus treasury wallet. This operation enabled the rapid restoration of the bulk of the project’s stolen assets.
Funds returned through reward deal
The Verus development team quickly established a reward protocol with the attacker, enabling a swift resolution. In line with the plan, the attacker returned 4,052 ETH within 24 hours and received a reward of 1,350 ETH. Well-known cybersecurity platform PeckShield confirmed that approximately three-quarters of the stolen assets were reclaimed for the project using this approach.
The prompt recovery of a large share of the stolen funds highlights that the Verus team opted for direct contact with the attacker rather than waiting for formal legal action.
Some of the remaining ETH was moved by the attacker to another crypto address as stipulated in the deal. The strategy aimed to preserve the Verus ecosystem’s stability and prevent further losses. Rather than pursuing punitive measures, the case stands out as a quick, negotiated settlement to patch security vulnerabilities in bridge technologies.
Glossary: A cross-chain bridge is a technology that enables the transfer and swapping of crypto assets between different blockchain networks. Widely used in decentralized finance, these bridges allow tokens to move across chains for improved liquidity but are susceptible to security flaws.
Details of the bridge vulnerability
On May 18, a security breach targeting the bridge connecting Verus and Ethereum resulted in a loss of $11.5 million in digital assets. The attackers exploited weaknesses in the bridge’s transaction verification mechanisms, capturing 1,625 ETH, 103.6 tBTC, and about 147,000 USDC.
These assets were then converted, at the time of the incident, to a total of 5,402 ETH. Technical investigations found that the vulnerability stemmed from insufficient verification of transaction source amounts, rather than a leaked key or cryptographic failure. Such flaws have become a recurring issue across bridge-based DeFi projects.
Unlike similar incidents, the approach taken by Verus led to the recovery of most of the funds through negotiation, instead of sending assets through mixers to obscure their trail or using lengthy legal proceedings, which are more common in the industry.
| Bridge Name | Date of Attack | Total Loss | Recovered Assets | Recovery Method |
|---|---|---|---|---|
| Verus Bridge | May 18, 2026 | $11.5 million | 4,052 ETH | Direct negotiation and reward |
| Other DeFi Projects | 2024-2026 | Various amounts | Mostly unrecovered | Legal action or funds lost |
State of DeFi security: Recent trends
In April 2026, losses from attacks targeting decentralized finance protocols reached a total of $634 million. In May, the number of such incidents dropped, reducing monthly losses to $38 million. Nonetheless, bridge protocols remain one of the most targeted weak points in the sector by cybercriminals.
Recently, other security breaches surfaced, including unauthorized eBTC minting on the Monad network and asset exploitation on Butter Network. Analyses indicate that attackers manipulate systems using fake collateral and anonymous transactions, with bridges and poor verification controls seen as key vulnerabilities in the DeFi landscape.
The Verus team’s proactive approach, engaging the attacker and using an incentive to recover assets, is now viewed as a model for rapid crisis resolution in crypto projects. This milestone not only strengthens blockchain bridge security but also opens the door to new strategies for retrieving stolen assets.
