SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

US Seizes $31 Million Worth of Crypto Stolen in Uranium Finance Hack

The US government has seized roughly $31 million in cryptocurrency stolen in 2021 from Uranium Finance.

The US government last week announced that it has seized roughly $31 million worth of cryptocurrency stolen in April 2021 from Uranium Finance.

Uranium Finance was hacked twice in April 2021, with the total losses amounting to over $53 million, making it one of the largest hacks in decentralized finance (DeFi) at the time.

According to blockchain intelligence firm TRM Labs, which investigated the transactions linked to the heist and helped authorities trace the stolen funds, the attackers exploited vulnerabilities in Uranium Finance’s smart contract code to steal various tokens.

In the first incident, which occurred between April 6 and 8, hackers exploited the protocol’s reward distribution system to steal roughly $1.4 million, but returned approximately $1 million in assets.

On April 28, a second attack targeted a vulnerability in Uranium Finance’s trading logic, resulting in the theft of $52 million. Uranium Finance shut down after the heist.

“The flaw acted as a faulty vault mechanism, miscalculating balances and allowing attackers to withdraw significantly more tokens than should have been permitted. The sheer simplicity of the exploit exposed critical weaknesses in smart contract security,” TRM explains.

The hackers used Tornado Cash and multiple decentralized exchanges to convert the stolen tokens into various cryptocurrency and store the funds in dormant wallets for approximately three years, until moving them again in early 2024.

TRM says it started tracing the stolen assets across blockchains in February 2023 and, together with law enforcement, identified laundering patterns and linked the funds to Tornado Cash transactions and cross-chain swaps.

Advertisement. Scroll to continue reading.

As a result, the US Attorney’s Office for the Southern District of New York and Homeland Security Investigations San Diego were able to seize $31 million in stolen assets, as the US Justice Department announced on X last week.

Related: FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge

Related: Indiana Man Sentenced to 20 Years in Prison for Hacking, $37 Million Crypto Theft

Related: US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists

Related: $50 Million Radiant Capital Heist Blamed on North Korean Hackers

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Webinar: Which Security Testing Approach is Right for You?
March 25, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

SplxAI, a startup focused on securing AI agents, has announced new CISO Sandy Dunn.

Phillip Miller is joining tax preparation giant H&R Block as VP and CISO.

Linx Security has appointed Sarit Reiner Frumkes as Chief Technology Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.