The American authorities reported a return of $31 million in cryptocurrency, stolen during the cyber attack on the Uranium Finance platform in 2021. The decentralized financial (Defi) project, built on BNB Chain from Binance, lasted only a few weeks before attackers found a vulnerability in its smart contracts and withdrew tens of millions of dollars.
Research company TRM Labs stated that they assisted the Southern District of New York (SDNY) and the Homeland Security Investigations (HSI) to track and return the stolen assets. According to TRM Labs, this was one of the largest operations to restore stolen cryptocurrency in recent years.
Analysts began tracking assets in February 2023, identifying the money laundering schemes through Tornado Cash and inter-meter exchanges. By March of the same year, they were able to trace the movement of funds and provide law enforcement agencies with detailed information. As a result, in February 2025, the authorities successfully confiscated $31 million.
Hackers attacked Uranium finance twice – on April 6 and 28, 2021, causing losses of more than $53.7 million. The first attack, associated with an error in the reward distribution system, netted $1.4 million. They later returned $1 million, keeping $385.5 thousand, which they laundered through Tornado Cash.
The second attack was much larger – due to an error in the code, the attackers were able to alter the balances and stole $52 million. They transferred these funds through decentralized exchanges, converted them into different cryptocurrencies, and stored them in inactive wallets for several years.
Now, more than half of the stolen amount has been returned. The Southern District of New York urged victims to contact the authorities via email at “UraniumVictims@hsi[.]DHS[.]GOV” to claim their share of the restored assets.