Uranium Finance hacker is yet to cash out their loot. On January 22, PeckShield Alert, an on-chain analytics platform, reported the transfer of 2.5 million BUSD from the BNB Chain to Ethereum using the Li.fi protocol, a decentralized exchange (DEX) aggregator. This transfer involved converting assets to 812 ETH and around $500,000 in stablecoins.
The origin of these funds traces back to the notorious Uranium Finance hack in April 2021. The primary address associated with the incident moved a total of $3.1 million in BUSD to Ethereum. Initially reported as a $10,000 BUSD movement via Stargate, a cross-chain bridging protocol, further tracking revealed additional transfers totaling 3.1 million BUSD.
The attacker’s strategy included distributing 500,000 BUSD across six transactions and another 100,000 BUSD in a separate transaction. These transactions, executed within an hour, sparked discussions within the crypto community.
Uranium Finance Hacker Moves $15 Million
The hackers completely drained their BNB Chain address, initially holding over $15 million in assets comprising BUSD and Wrapped BNB (WBNB), with nothing in it at the time of writing. Furthermore, the exploiter’s Ethereum address held 824 Ether, valued at $1.3 million, along with smaller amounts of USDC and USDT.
Notably, after transferring BUSD to Ethereum, they moved 1,200 ETH (valued at $1.89 million) to Tornado Cash, a cryptocurrency mixer, through 12 transactions of 100 ETH each.
These actions aligned with a pattern observed throughout the year, including several transfers to Tornado Cash in the preceding months. The first such transfer occurred in March, involving a different address moving 2,250 ETH to the mixer. In total, the exploiter managed to extract $50 million in crypto assets by exploiting a flaw in the pair contracts of the protocol.
In a related development, 2024 has witnessed an increase in illicit cryptocurrency activities. A notable phishing attack, reported by Scam Sniffer, resulted in a $4.20 million loss for the victim. The scam exploited ERC20 Permit signatures, allowing scammers access to the victim’s assets.
