"The first hack occurred on April 8, 2021, when Spalletta exploited the protocol's reward distribution system to withdraw roughly $1.4 million in funds, the indictment alleges."
"On April 28, Spalletta exploited another smart contract vulnerability in Uranium to withdraw more funds than he should have been allowed to, stealing approximately $53.3 million across 26 liquidity pools."
"Spalletta laundered the funds through a series of cryptocurrency transactions, including using the crypto mixer Tornado Cash, which was sanctioned in 2022 for laundering stolen funds."
"In February last year, US law enforcement announced the seizure of approximately $31 million in cryptocurrency that Spalletta had fraudulently obtained from Uranium, stored in dormant wallets for roughly three years."
Jonathan Spalletta, a 36-year-old from Maryland, was charged with hacking Uranium Finance, exploiting vulnerabilities to steal over $53 million in cryptocurrency. The first hack in April 2021 involved withdrawing $1.4 million, followed by extortion for a fake bug bounty. A second hack allowed him to drain the exchange completely. Spalletta laundered the stolen funds using Tornado Cash and purchased collectible items. Law enforcement seized approximately $31 million in cryptocurrency linked to him, and he faces charges of computer fraud and money laundering, with a potential 10-year sentence.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]