U.S. authorities have successfully recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance, a decentralized finance (DeFi) protocol operating on the Binance Smart Chain. The attack occurred shortly after the platform launched in April 2021, when hackers exploited vulnerabilities in Uranium Finance’s smart contracts, draining millions of dollars from the platform. The attack left investors with substantial losses and forced the closure of the protocol. The cryptocurrency was stolen in two separate attacks, both occurring in April 2021, and was laundered through decentralized exchanges and various cryptocurrencies before being hidden in dormant wallets.
Blockchain intelligence firm TRM Labs assisted law enforcement agencies, including the Southern District of New York (SDNY) and Homeland Security Investigations (HSI) San Diego, in tracing the stolen assets. TRM Labs’ investigation, which began in February 2023, involved identifying laundering patterns and tracking the movement of funds across multiple blockchains.
By March 2023, the investigators had mapped out the attackers’ laundering techniques, which included using Tornado Cash and cross-chain swaps to obscure the origin of the stolen funds.
Thanks to this diligent investigation, the authorities were able to recover $31 million in stolen cryptocurrency by February 2025. Over half of the stolen funds were retrieved in what is considered one of the most significant cryptocurrency recovery efforts in recent years. This recovery is crucial as it provides an opportunity for victims of the 2021 attack to reclaim some of their lost assets.
The SDNY has called on the victims to reach out via email to claim a portion of the recovered funds.
This incident underscores the importance of blockchain intelligence and law enforcement cooperation in tracking and recovering stolen cryptocurrency. The involvement of private cybersecurity firms like TRM Labs highlights how critical partnerships between the private and public sectors are in combatting cryptocurrency-related crime. As the investigation continues, the recovery serves as an example of the increasing success of efforts to track down cybercriminals who use sophisticated methods to launder stolen digital assets.
Reference:
