Wallet tied to Uranium Finance hacker reawakens after 647 days, shifting $3.3M

One of many wallets related to the $50 million exploit of Uranium Finance in April 2021 seems to have awoken after 647 days of dormancy, with funds headed in direction of crypto mixer Twister Money.

The sudden transfer was highlighted on Mar 7 by cybersecurity companies PeckShield and CertiK on their respective alert accounts on Twitter.

In accordance with knowledge from Etherscan, the hacker moved the two,250 Ether (ETH), value $3.35 million, over a seven-hour interval in transactions starting from 1 ETH to 100 ETH — with all of the funds heading to Twister Money.

That is, nonetheless, simply one of many wallets related to the hacker. One other Ethereum pockets linked to the hacker exhibits it was final lively 159 days in the past, with 5 ETH being sent to privacy-focused Ethereum zk-rollup on Aztec.

This marks one more event in 2023 through which a hacker’s pockets has come out of dormancy after a prolonged hiatus. In January, the Wormhole hacker moved round $155 million value of ETH virtually a yr after exploiting the Wormhole bridge for $321 million in early 2022.

The identical month, a infamous hacker dubbed the “blockchain bandit” additionally moved round $90 million after a six-year slumber. 

In February, the Wormhole hacker moved one other $46 million value of stolen funds, whereas fashionable blockchain sleuth ZachXBT highlighted by way of Twitter on Feb. 23 that “dormant funds left over” from the April 2018 $230 million change hack by “North Korea started to maneuver after over 4.5 years.”

Binance Sensible Chain-based automated market maker Uranium Finance was exploited on April 28, 2021. The hack itself was reportedly the results of a coding vulnerability that allowed the hacker to siphon $50 million throughout Uranium’s v2.1 protocol launch and token migration occasion.

The platform seemingly shut down shortly after the hack, with its final tweet revealed on April 30, 2021, urging customers to take away funds from its varied liquidity swimming pools.

Unanswered questions

It is usually value noting that on April 28, 2021, somebody claiming to be a member of the challenge’s improvement crew prompt within the Uranium Discord channel that the hack could have been an inside job.

They outlined that solely a small variety of crew members knew of the safety flaw previous to the v2.1 protocol launch, and questioned the suspicious timing of the hack being simply two hours earlier than launch.

Since then, stories have gone chilly on the challenge and its victims. Nonetheless, Binance discussion board posts from final October recommend that customers have been neglected within the chilly.

Associated: 7 DeFi protocol hacks in Feb see $21 million in funds stolen: DefiLlama

On Oct. 26, Consumer “RecoveryMad” made a post asking for a follow-up on the hack, and famous that the particular person representing the Uranium crew locally Telegram had “vanished.”

In response, consumer “nofiatnolie” claimed that “No investigation was carried out. It was swept up beneath the rug. There are nonetheless sufferer teams with no solutions and crowd-sourced investigations [are] pointing on the builders of Uranium and others because the suspects.”

Subscribe to our mailing list to receive new updates and special offers

We don’t spam! Read our [link]privacy policy[/link] for more info.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
You have not selected any currencies to display