US Authorities Seize Crypto Worth $31M Linked to Uranium Finance Breach
US authorities have seized about $31m in cryptocurrency connected to the 2021 Uranium Finance hack, marking a major breakthrough nearly four years after the attack.
The Southern District of New York (SDNY) announced the seizure in an X post on Monday, attributing the recovery to a coordinated effort with Homeland Security Investigations (HSI) in San Diego.
The hack, among the largest decentralized finance (DeFi) exploits at the time, targeted Uranium Finance—a platform built on the Binance Smart Chain and a fork of Uniswap. A critical flaw in its smart contract code was exploited during the platform’s migration to its V2.1 upgrade.
How a Tiny Calculation Error Led to a Multi-Million Dollar Breach
The vulnerability, specifically a calculation error in the balance modifier logic, artificially inflated reported balances, allowing the hacker to drain liquidity pools.
Losses amounted to a staggering $50m, with stolen assets including 80 BTC, 1,800 ETH, 17.9m BUSD, 5.7 million USDT, 638,000 ADA, 26,500 DOT, 34,000 wBNB and 112,000 of Uranium’s native token, U92.
Acting quickly, the perpetrator laundered the stolen funds, leveraging Tornado Cash, an Ethereum mixer, to obscure the transaction history, and AnySwap, a cross-chain bridge, to transfer assets from BSC to Ethereum.
The exploit proved fatal for Uranium Finance, which ultimately shut down, leaving investors without immediate recourse.
Inside Job or Bad Timing? Suspicions Surround Uranium Finance Hack
The incident raised serious concerns about smart contract security in DeFi. Despite undergoing an audit, Uranium Finance’s code contained a subtle yet catastrophic bug. This flaw exposed weaknesses in its adaptation of Uniswap’s structure for BSC.
The timing of the attack added to suspicions. It occurred just days after the platform’s V2 deployment. Shortly after, Uranium’s contract repository was removed from GitHub, fueling speculation of an inside job. These concerns grew stronger as the platform had already suffered a $1.3 million breach earlier that month. This further intensified scrutiny of its security protocols.
Authorities’ latest recovery efforts signal a significant step toward holding cybercriminals accountable in the evolving landscape of crypto fraud. Since the hack, investigators have been tracking the stolen funds, which the hacker attempted to launder through various means, including deposits into centralized exchanges and, in a bizarre twist, purchases of rare Magic: The Gathering cards.
While the seized $31m represents only a fraction of the total amount stolen, it shows the increasing ability of law enforcement to trace illicit blockchain transactions despite sophisticated laundering techniques.
The post US Authorities Seize Crypto Worth $31M Linked to Uranium Finance Breach appeared first on Cryptonews.
Read More
HashKey Group Advances Blockchain in Global Finance
India seeks bilateral trade deal with US, avoids immediate retaliation over tariffs
US Authorities Seize Crypto Worth $31M Linked to Uranium Finance Breach
US authorities have seized about $31m in cryptocurrency connected to the 2021 Uranium Finance hack, marking a major breakthrough nearly four years after the attack.
The Southern District of New York (SDNY) announced the seizure in an X post on Monday, attributing the recovery to a coordinated effort with Homeland Security Investigations (HSI) in San Diego.
The hack, among the largest decentralized finance (DeFi) exploits at the time, targeted Uranium Finance—a platform built on the Binance Smart Chain and a fork of Uniswap. A critical flaw in its smart contract code was exploited during the platform’s migration to its V2.1 upgrade.
How a Tiny Calculation Error Led to a Multi-Million Dollar Breach
The vulnerability, specifically a calculation error in the balance modifier logic, artificially inflated reported balances, allowing the hacker to drain liquidity pools.
Losses amounted to a staggering $50m, with stolen assets including 80 BTC, 1,800 ETH, 17.9m BUSD, 5.7 million USDT, 638,000 ADA, 26,500 DOT, 34,000 wBNB and 112,000 of Uranium’s native token, U92.
Acting quickly, the perpetrator laundered the stolen funds, leveraging Tornado Cash, an Ethereum mixer, to obscure the transaction history, and AnySwap, a cross-chain bridge, to transfer assets from BSC to Ethereum.
The exploit proved fatal for Uranium Finance, which ultimately shut down, leaving investors without immediate recourse.
Inside Job or Bad Timing? Suspicions Surround Uranium Finance Hack
The incident raised serious concerns about smart contract security in DeFi. Despite undergoing an audit, Uranium Finance’s code contained a subtle yet catastrophic bug. This flaw exposed weaknesses in its adaptation of Uniswap’s structure for BSC.
The timing of the attack added to suspicions. It occurred just days after the platform’s V2 deployment. Shortly after, Uranium’s contract repository was removed from GitHub, fueling speculation of an inside job. These concerns grew stronger as the platform had already suffered a $1.3 million breach earlier that month. This further intensified scrutiny of its security protocols.
Authorities’ latest recovery efforts signal a significant step toward holding cybercriminals accountable in the evolving landscape of crypto fraud. Since the hack, investigators have been tracking the stolen funds, which the hacker attempted to launder through various means, including deposits into centralized exchanges and, in a bizarre twist, purchases of rare Magic: The Gathering cards.
While the seized $31m represents only a fraction of the total amount stolen, it shows the increasing ability of law enforcement to trace illicit blockchain transactions despite sophisticated laundering techniques.
The post US Authorities Seize Crypto Worth $31M Linked to Uranium Finance Breach appeared first on Cryptonews.
Read More
HashKey Group Advances Blockchain in Global Finance