Got story updates? Submit your updates here. ›
US authorities have unsealed an indictment against Maryland resident Jonathan Spalletta, accusing him of hacking the now-defunct decentralized finance platform Uranium Finance in 2021 and stealing over $54 million across two separate exploits. Prosecutors allege Spalletta used the stolen funds to purchase collectibles like Pokémon cards and Roman coins.
Why it matters
The Uranium Finance hacks highlight the ongoing security vulnerabilities in the DeFi space, where billions have been lost to exploits and hacks in recent years. This case underscores the need for stronger smart contract auditing and security measures to protect investors and platforms.
The details
According to the indictment, Spalletta carried out two hacks against Uranium Finance in April 2021. The first, on April 8, saw him exploit a smart contract flaw to withdraw far more cryptocurrency rewards than he was authorized. A private deal was later struck to return most of the $1.4 million stolen. In a larger second hack on April 28, Spalletta allegedly exploited an error in Uranium’s withdrawal limit smart contract to steal $53.3 million in Bitcoin, Ether, and the platform’s native U92 tokens. Prosecutors say Spalletta used the stolen funds to purchase collectibles like Pokémon cards, Roman coins, and a piece of fabric from the Wright brothers’ airplane.
- On April 8, 2021, Spalletta allegedly exploited a smart contract flaw to steal $1.4 million from Uranium Finance.
- On April 28, 2021, Spalletta allegedly stole $53.3 million from Uranium Finance in a larger hack.
The players
Jonathan Spalletta
A Maryland resident accused of hacking the Uranium Finance DeFi platform and stealing over $54 million in two separate exploits in 2021.
Uranium Finance
A now-defunct decentralized finance platform that was hacked twice in April 2021, leading to its shutdown due to lack of funds.
Jay Clayton
The US Attorney for the Southern District of New York who announced the indictment against Spalletta.
What they’re saying
“Stealing from a crypto exchange is stealing—the claim that ‘crypto is different’ does not change that. For the victims, there is nothing different about having your money taken. Spalletta cost real victims real losses of tens of millions of dollars, and now he’s under real arrest.”
— Jay Clayton, US Attorney, Southern District of New York
What’s next
Spalletta is due to be presented before US Magistrate Ona Wang to formally hear the charges against him, which include one count of computer fraud and one count of money laundering.
The takeaway
The Uranium Finance hacks underscore the ongoing security challenges in the DeFi space, where billions have been lost to exploits in recent years. This case highlights the need for stronger smart contract auditing and security measures to protect investors and platforms from such attacks.
Click Here For The Original Source.
