3 hours ago
1 
TLDR
Jonathan Spalletta, 36, of Rockville, Maryland, has been charged with computer fraud and money laundering He allegedly hacked Uranium Finance twice in April 2021, stealing over $50 million Proceeds were laundered through Tornado Cash and spent on rare collectibles Authorities seized $31 million in crypto tied to the hack in February 2025 Spalletta faces up to 30 years in prison if convicted on both countsJonathan Spalletta, a 36-year-old Maryland resident, has been charged by federal prosecutors for two hacks against decentralized exchange Uranium Finance in April 2021 that drained over $50 million from the platform.
(1/2)
Uranium migration has been exploited, the following address has 50m in it The only thing that matters is keeping the funds on BSC, everyone please start tweeting this address to Binance immediately asking them to stop transfers.
— Uranium Finance (@UraniumFinance) April 28, 2021
The indictment was unsealed by the Southern District of New York on Monday. Spalletta surrendered to authorities in Manhattan the same day and appeared before U.S. Magistrate Ona Wang.
Uranium Finance was a BNB Chain fork of the automated market maker Uniswap. It launched in April 2021 and shut down shortly after the attacks due to a lack of funds.
The first hack occurred on April 8, 2021, just days after launch. Spalletta allegedly exploited a flaw in Uranium’s rewards mechanism to withdraw far more cryptocurrency than he was authorized to receive, taking roughly $1.4 million.
After the first hack, a private deal was reached. Spalletta negotiated what prosecutors describe as a sham “bug bounty,” returning most of the funds but keeping around $386,000.
The second and larger attack came on April 28, 2021. Spalletta allegedly exploited an error in the smart contract governing withdrawal limits across 26 liquidity pools, stealing $53.3 million in crypto including Bitcoin, Ether, and Uranium’s native token U92.
Following the second hack, Uranium Finance shut down its website and victims were left with little information about what happened or who was responsible.
In February 2025, authorities seized approximately $31 million in cryptocurrency tied to the exploits. At the time, no details were released about a suspect.
How the Stolen Funds Were Spent
Prosecutors allege Spalletta laundered the stolen crypto through a series of complex transactions, including the use of Tornado Cash, a crypto mixing service.
He then allegedly spent the proceeds on high-value collectibles. These included a Black Lotus Magic: The Gathering card for around $500,000 and 18 sealed Alpha booster packs for roughly $1.5 million.
He also allegedly purchased first-edition Pokémon sets worth over $1 million, an ancient Roman “Eid Mar” coin for about $601,500, and a piece of fabric from the Wright brothers’ original airplane. Items were seized during a search of his residence.
In communications cited in the indictment, Spalletta wrote to an associate: “I did a crypto heist … Crypto is all fake internet money anyway.”
Charges and Potential Sentence
Spalletta faces one count of computer fraud, which carries up to 10 years in prison, and one count of money laundering, which carries up to 20 years.
U.S. Attorney Jay Clayton said in a statement: “Stealing from a crypto exchange is stealing — the claim that ‘crypto is different’ does not change that.”
The charges mark the first time a named defendant has been publicly linked to the Uranium Finance case, more than four years after the hacks took place.
The post Maryland Man Charged With Hacking Uranium Finance DeFi Exchange for $50 Million in 2021 appeared first on CoinCentral.
Bengali (Bangladesh) · 
English (United States) ·