430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

U.S. Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist

U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance. U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, which is a decentralized finance (DeFi) protocol built on Binance’s BNB Chain. The protocol operated as an automated market maker (AMM), similar to Uniswap, allowing […]

Uranium Finance hack

U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance.

U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, which is a decentralized finance (DeFi) protocol built on Binance’s BNB Chain. The protocol operated as an automated market maker (AMM), similar to Uniswap, allowing users to swap tokens without intermediaries.

In April 2021, Uranium Finance suffered two cyber attacks that exploited smart contract flaws. The first attack (April 6-8) resulted in the theft of $1.4M, with $1M later returned. The second attack (April 28) exploited a code error, leading to a $52M theft. Stolen funds were laundered through the cryptocurrency mixer Tornado Cash and decentralized exchanges, with some remaining dormant for years before resurfacing in early 2024.

US authorities, with the help of the Blockchain intelligence firm TRM Labs, tracked and recovered some illicit financial flows linked to the cyber heist.

The U.S. Attorney’s Office (SDNY) and HSI San Diego seized $31 million in stolen assets, a major breakthrough in the Uranium Finance case.

“In February 2023, TRM worked closely with law enforcement to meticulously trace the movement of stolen assets across multiple blockchains, identifying key laundering patterns and generating actionable intelligence for law enforcement. By March 2023, the team had mapped out the attackers’ attempts to obfuscate their funds, linking them to Tornado Cash transactions and cross-chain swaps.” reads the report published by TRM Labs. “As a result, law enforcement was able to successfully seize USD 31 million in outstanding funds in February 2025.”

The Uranium Finance asset seizure highlights law enforcement’s growing ability to track and recover stolen crypto, even years later. It warns cybercriminals that blockchain intelligence tools are advancing, making it harder to hide funds. The case also stresses the need for rigorous DeFi security, as minor code flaws can cause huge losses. Despite evolving laundering tactics, stolen assets remain traceable.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, DeFi)