Shiba Inu Offers 50 ETH Bounty to Recover Shibarium Stolen Funds

The Shiba Inu team has released a new update on the Shibarium bridge hack and introduced a bounty program to recover stolen assets.

For context, the September 12 exploit drained millions from the Ethereum layer-2 network and left the community facing one of its most serious challenges to date.

Shiba Inu Team Launches 50 ETH Bounty

In the latest update, the Shiba Inu ecosystem team revealed that they teamed up with K9 Finance to create a bounty program that offers the attacker 50 ETH ($229,000) if they return the stolen tokens. Notably, the reward sits in a dedicated escrow contract. 

The Shib team has joined @K9finance to offer a bounty to the Shib Bridge Exploiter

Shib Deployer 2 has sent a message offering a 50 ETH bounty in exchange for the tokens stolen.https://t.co/7T7AtywqWm pic.twitter.com/Zqq376CnOo

— Shib (@Shibtoken) September 17, 2025

- Advertisement -

To claim it, the attacker must send all the assets back to a designated recovery wallet. These assets include SHIB, ETH, LEASH, xFUND, Treat, FUND, DAI, WBTC, Bad Idea AI, ROAR, USDC, LTD, USDT, Shifu, and OSCAR, according to on-chain data.

Moreover, the team also set conditions for the bounty. Specifically, the attacker must prepare a whitehat disclosure report that lays out the full method of the exploit. 

This includes details on how they gained validator access, the scripts and tools they used, the addresses involved, the transaction hashes, and recommended steps for prevention. 

In addition, the attacker must also stop moving the compromised tokens. Once the tokens return and the team verifies the report, the bounty escrow will release 50 ETH to the attacker’s wallet.

Moreover, the developers added that if the attacker complies, they will not pursue legal action and will issue a waiver, provided this falls within the law. However, they clarified that the bounty excludes KNINE tokens, which K9 Finance already secured.

For context, the K9 Finance team has already issued its own bounty of 5 ETH for the KNINE tokens. Notably, the team froze over $700,000 worth of KNINE, which the hacker gained control of. Now that they cannot spend the assets, the team has offered a 5 ETH bounty for their return.

Updated Account of the Shibarium Hack

Meanwhile, alongside the bounty program, the Shiba Inu ecosystem team shared an updated account of how the exploit happened. 

Shibarium Bridge Exploit Community Update 17/09/2026

The attacker executed a flash loan swap to acquire 4.6M $BONE from Shibaswap & used those to delegate them to Ryoshi Validator 1. This gave the attacker > 2/3 majority voting on Shibarium validators & the ability to use the…

— Shib (@Shibtoken) September 17, 2025

The team said the attacker executed a flash loan swap to acquire 4.6 million BONE from ShibaSwap. They then delegated the tokens to Ryoshi Validator 1, which gave them more than two-thirds of validator voting power. With this control, they used compromised internal validator keys to sign a malicious state, draining $4.1 million from the bridge.

On-chain records show the attacker stole 17 different tokens. Losses included $1 million in ETH, $1.3 million in SHIB, $717,000 in KNINE, $680,000 in LEASH, and $260,000 in ROAR, along with smaller amounts of other tokens. 

The attacker sold only their USDT and USDC by converting them into ETH. They also tried seven times to sell $700,000 worth of KNINE, but K9 Finance blocked the wallet before the sales went through. The attacker still holds the other stolen assets, with the Shiba Inu tokens sitting across more than eight wallets.

Notably, the developers believe a compromise of Shibarium validator keys caused the breach. They suspect the attacker may have gained access either through a developer’s machine or the server’s key management system. In response, they suspended bridge operations and began forensic analysis.

To contain the damage, the team revoked root chain manager access from the proof-of-stake bridge, extended the exit time on the plasma bridge, and disabled predicate burn-only functions to stop further withdrawals. They also flagged suspicious transactions and ruled out the cross-chain contract, which some initially thought caused the breach.

Shiba Inu Team Promises Stronger Security

In the recent disclosure, the Shiba Inu team promised stronger security going forward. They said they will improve monitoring and alerts and tighten internal security practices. They also plan to publish a full post-mortem report once the investigation concludes.

Notably, this update follows earlier analyses from industry figures and security firms. For instance, Tikkala Security and Pulse Digital claimed there were deeper governance issues, mentioning how the hack also involved leaked keys and manipulated Merkle roots.