US Authorities Seize Crypto Worth $31M Linked to Uranium Finance Breach

Last updated: February 24, 2025 23:32 EST

Crypto Reporter

Shalini Nagarajan

Crypto Reporter

Shalini Nagarajan

About Author

Shalini is a crypto reporter who provides in-depth reports on daily developments and regulatory shifts in the cryptocurrency sector.

Last updated:

February 24, 2025 23:32 EST

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas – from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

US authorities have seized about $31m in cryptocurrency connected to the 2021 Uranium Finance hack, marking a major breakthrough nearly four years after the attack.

The Southern District of New York (SDNY) announced the seizure in an X post on Monday, attributing the recovery to a coordinated effort with Homeland Security Investigations (HSI) in San Diego.

The hack, among the largest decentralized finance (DeFi) exploits at the time, targeted Uranium Finance—a platform built on the Binance Smart Chain and a fork of Uniswap. A critical flaw in its smart contract code was exploited during the platform’s migration to its V2.1 upgrade.

SDNY and @HSISanDiego seize cryptocurrency worth approximately $31 million related to April 2021 hack of Uranium Finance. If you believe you have been a victim of this hack, please contact [email protected].

— US Attorney SDNY (@SDNYnews) February 24, 2025

How a Tiny Calculation Error Led to a Multi-Million Dollar Breach

The vulnerability, specifically a calculation error in the balance modifier logic, artificially inflated reported balances, allowing the hacker to drain liquidity pools.

Losses amounted to a staggering $50m, with stolen assets including 80 BTC, 1,800 ETH, 17.9m BUSD, 5.7 million USDT, 638,000 ADA, 26,500 DOT, 34,000 wBNB and 112,000 of Uranium’s native token, U92.

Acting quickly, the perpetrator laundered the stolen funds, leveraging Tornado Cash, an Ethereum mixer, to obscure the transaction history, and AnySwap, a cross-chain bridge, to transfer assets from BSC to Ethereum.

The exploit proved fatal for Uranium Finance, which ultimately shut down, leaving investors without immediate recourse.

Inside Job or Bad Timing? Suspicions Surround Uranium Finance Hack

The incident raised serious concerns about smart contract security in DeFi. Despite undergoing an audit, Uranium Finance’s code contained a subtle yet catastrophic bug. This flaw exposed weaknesses in its adaptation of Uniswap’s structure for BSC.

The timing of the attack added to suspicions. It occurred just days after the platform’s V2 deployment. Shortly after, Uranium’s contract repository was removed from GitHub, fueling speculation of an inside job. These concerns grew stronger as the platform had already suffered a $1.3 million breach earlier that month. This further intensified scrutiny of its security protocols.

Authorities’ latest recovery efforts signal a significant step toward holding cybercriminals accountable in the evolving landscape of crypto fraud. Since the hack, investigators have been tracking the stolen funds, which the hacker attempted to launder through various means, including deposits into centralized exchanges and, in a bizarre twist, purchases of rare Magic: The Gathering cards.

While the seized $31m represents only a fraction of the total amount stolen, it shows the increasing ability of law enforcement to trace illicit blockchain transactions despite sophisticated laundering techniques.