Cetus’ hack response on Sui was once successful on Solana

The bounty offer to recover stolen funds from Sui-based decentralized exchange (DEX) Cetus closely resembles a successful strategy used by a Solana project three years ago.
It turns out that Cetus shares the same development team as Crema Finance, a Solana-based DeFi project that suffered a $9-million hack in 2022 but recovered most of the funds by negotiating with its hacker. Now, Cetus is relying on the same strategy.
Cetus is asking the hacker to return all but $6 million, or 2,324 Ether (ETH), of the stolen funds in exchange for a promise not to pursue legal action. The protocol lost $223 million to an exploit on May 22.
The size of the bounty has sparked backlash from users, with many calling for a formal compensation plan instead. Several community members argue that even if funds are recovered, most of the damage has already been done — especially to holders of the CETUS token, which plummeted in value following the incident.
Meanwhile, Sui validators are also under fire for their role in freezing the funds. The move is aimed at aiding recovery, yet critics say it exposes centralization risks in the network.
Sui’s Cetus devs have a phantom exchange on Solana
A similar negotiation strategy used by the Cetus team on Sui was successfully employed years ago to recover funds for Crema. The Solana project hasn’t posted on its X account since March 2023, and its trading platform now sees negligible volume, but it still didn’t end well for the hacker.
Crema suffered an approximately $9-million hack in 2022. Much like the Cetus case, the Crema hacker was offered a deal to return the funds while keeping $1.6 million in exchange for not reporting the attack to law enforcement.
The hacker is believed to have been caught and sent to prison. In April 2024, the US Attorney’s Office for the Southern District of New York sentenced Shakeeb Ahmed to three years in prison for hacking two separate cryptocurrency exchanges. One was identified as Nirvana Finance, while the other was not named.
Related: Which senators invest in crypto? 11 lawmakers have blockchain-related investments
The details of the unnamed exchange’s case match Crema’s hack, including the exact date of the exploit and the terms of the agreement.
Norbert Bodziony, founder of Nightly App, claims the Cetus team was behind Crema Finance.
Bodziony declined to disclose how he learned of the relationship to Cointelegraph but added that the connection is “commonly known” in Sui’s developer circles.
Cointelegraph reached out to Cetus to confirm the connection between the two projects, but the team had not responded by publication.
Cointelegraph has separately learned that both projects are founded by Henry Du.
Save Cetus; centralize Sui
Sui’s validators have collectively blocked transactions from the hacker’s addresses, effectively freezing $162 million of the stolen funds on Sui. Around $63 million had already been bridged to Ethereum before these controls were implemented.
Although the coordinated effort has been effective in preventing the funds from being laundered, the cryptocurrency community has criticized Sui for being too centralized.
“SUI’s validators are colluding to CENSOR the hacker’s TXs right now! Does that make SUI centralized? The short answer is YES; what matters more is why? The ‘founders’ own the majority of supply & there are only 114 validators!” Justin Bons, founder of Cyber Capital, wrote on X.
As Bons pointed out, Sui has just 114 validators — far fewer than its more established smart contract peers. Ethereum has over 1 million validators, while Solana has 1,157.
Meanwhile, members of the Sui community defended the move, arguing that this is how real-world decentralized chains should function.
“Decentralization isn’t about standing by while people get hurt, it’s about the power to act together, without needing permission,” said one member of the Sui community.
Related: WLFI’s DeFi credentials under fire after Sui partnership
Following the hack, Sui developers committed code for a proposed function that would have allowed specific transactions to bypass all signing and safety checks by adding them to a whitelist.
While the function could have been used to help recover stolen funds, it also raised concerns about centralized control and the erosion of decentralization. The code was ultimately not merged and is not live on the network.
Sui and Cetus backlash contrasts recent hacks
The Cetus exploit has spotlighted the persistent security challenges in DeFi while raising deeper questions around who holds the reins in supposedly decentralized networks like Sui.
The team’s $6-million offer to the hacker mirrors the playbook it used with Crema — but this time, the crypto community isn’t as forgiving. With CETUS tanking, trust fractured and validators freezing funds, critics are asking whether Sui’s decentralization is more appearance than reality.
The debate over decentralization isn’t unique to Sui. When Bybit lost $1.4 billion in a February hack linked to North Korean state actors, security experts and users urged platforms like THORChain and eXch to block the funds.
In that case, THORChain received some backlash for not stepping in, which is the exact opposite of what Sui is being criticized for now.
As of now, the hacker hasn’t accepted Cetus’ offer. Two Ethereum wallets tied to the exploiter still hold over $60 million in ETH, with no movement at the time of writing. The Sui addresses remain paralyzed.
Magazine: TradFi is building Ethereum L2s to tokenize trillions in RWAs: Inside story
Bitcoin (BTC) $ 118,199.00
Ethereum (ETH) $ 3,778.50
XRP (XRP) $ 3.19
Tether (USDT) $ 1.00
BNB (BNB) $ 795.09
Solana (SOL) $ 186.87
USDC (USDC) $ 0.999900
Dogecoin (DOGE) $ 0.238988
Lido Staked Ether (STETH) $ 3,768.85
TRON (TRX) $ 0.320625
Cardano (ADA) $ 0.827198
Wrapped Bitcoin (WBTC) $ 118,025.00
Wrapped stETH (WSTETH) $ 4,561.81
Sui (SUI) $ 4.20
Hyperliquid (HYPE) $ 43.43
Stellar (XLM) $ 0.441265
Chainlink (LINK) $ 18.67
Hedera (HBAR) $ 0.288744
Wrapped Beacon ETH (WBETH) $ 4,051.80
Bitcoin Cash (BCH) $ 567.25
Wrapped eETH (WEETH) $ 4,039.93
Avalanche (AVAX) $ 24.94
Litecoin (LTC) $ 114.65
WETH (WETH) $ 3,772.67
Shiba Inu (SHIB) $ 0.000014
LEO Token (LEO) $ 8.98
Toncoin (TON) $ 3.33
USDS (USDS) $ 0.999869
Ethena USDe (USDE) $ 1.00
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999940
WhiteBIT Coin (WBT) $ 44.23
Uniswap (UNI) $ 10.61
Polkadot (DOT) $ 4.17
Coinbase Wrapped BTC (CBBTC) $ 118,172.00
Monero (XMR) $ 322.27
Pepe (PEPE) $ 0.000013
Bitget Token (BGB) $ 4.58
Cronos (CRO) $ 0.144715
Aave (AAVE) $ 296.44
Ethena Staked USDe (SUSDE) $ 1.19
Bittensor (TAO) $ 430.26
Ethena (ENA) $ 0.619492
Dai (DAI) $ 0.999909
NEAR Protocol (NEAR) $ 2.91
Ethereum Classic (ETC) $ 23.13
Pi Network (PI) $ 0.440845
Ondo (ONDO) $ 1.05
Aptos (APT) $ 4.85
Internet Computer (ICP) $ 5.69
Jito Staked SOL (JITOSOL) $ 227.50
OKB (OKB) $ 48.28
Mantle (MNT) $ 0.805539
Pudgy Penguins (PENGU) $ 0.042864
Bonk (BONK) $ 0.000035
Kaspa (KAS) $ 0.099177
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
Algorand (ALGO) $ 0.277154
Arbitrum (ARB) $ 0.454377
Binance-Peg WETH (WETH) $ 3,774.72
VeChain (VET) $ 0.025977
USD1 (USD1) $ 1.00
Cosmos Hub (ATOM) $ 4.78
Render (RENDER) $ 4.25
POL (ex-MATIC) (POL) $ 0.236941
Gate (GT) $ 17.79
Worldcoin (WLD) $ 1.17
Official Trump (TRUMP) $ 10.24
Sky (SKY) $ 0.095229
Fasttoken (FTN) $ 4.58
Sei (SEI) $ 0.340586
Artificial Superintelligence Alliance (FET) $ 0.738723
Binance Staked SOL (BNSOL) $ 198.49
SPX6900 (SPX) $ 1.98
Filecoin (FIL) $ 2.69
Flare (FLR) $ 0.025499
Rocket Pool ETH (RETH) $ 4,296.59
Lombard Staked BTC (LBTC) $ 118,290.00
Kelp DAO Restaked ETH (RSETH) $ 3,956.32
Jupiter (JUP) $ 0.559456
sUSDS (SUSDS) $ 1.06
Story (IP) $ 5.47
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 5.09
Curve DAO (CRV) $ 1.11
KuCoin (KCS) $ 11.63
Injective (INJ) $ 15.02
USDtb (USDTB) $ 0.999486
XDC Network (XDC) $ 0.088789
StakeWise Staked ETH (OSETH) $ 3,966.25
Celestia (TIA) $ 1.95
Mantle Staked Ether (METH) $ 4,035.67
Liquid Staked ETH (LSETH) $ 4,077.99
USDT0 (USDT0) $ 1.00
First Digital USD (FDUSD) $ 0.997508
Fartcoin (FARTCOIN) $ 1.35
NEXO (NEXO) $ 1.31
Stacks (STX) $ 0.817430
Optimism (OP) $ 0.731732
Renzo Restaked ETH (EZETH) $ 3,966.38
FLOKI (FLOKI) $ 0.000130
Polygon Bridged USDT (Polygon) (USDT) $ 1.00