Uranium Finance smart contract flaws actively exploited security flaw
Vulnerability
Summary
Hide ▲
Show ▼
In April 2021, Uranium Finance smart contract flaws were actively exploited to drain funds from liquidity pools, including a rewards calculation weakness and a transaction verification error. The abuse enabled unauthorized withdrawals that stripped roughly $53.3m from 26 liquidity pools. The exchange later shut down after losing most of its assets.
Related Happenings
KelpDAO hit by cyberattack
Incident
First: 21.04.2026 01:23
Last: 21.04.2026 01:23
Sources 1
About this happening:
KelpDAO suffered a cross-chain theft involving rsETH, prompting it to pause rsETH contracts after detecting suspicious activity on April 18, 2026. Reports estimate that about 116,...
KelpDAO hit by cyberattack
IncidentAbout this happening: KelpDAO suffered a cross-chain theft involving rsETH, prompting it to pause rsETH contracts after detecting suspicious activity on April 18, 2026. Reports estimate that about 116,...
Latest development: 21.04.2026 11:30
North Korea’s Lazarus Group targeted LayerZero Labs on April 18, 2026 by poisoning downstream RPC infrastructure, compromising two independent RPC nodes, swapping binaries on op-geth nodes, and forcing a DDoS-driven failover that let a forged cross-chain message pass and enable an unauthorized rsETH transfer.
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law Enforcement
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
About this happening:
**Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law EnforcementAbout this happening: **Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Uranium Finance hit by network compromise
Incident
First: 31.03.2026 12:15
Last: 31.03.2026 12:15
Sources 1
How related:
Three weeks after the first breach, the second attack reportedly led to the withdrawal of nearly 90% of Uranium Finance's assets, prompting the exchange to shut down immediately.
About this happening:
**Uranium Finance** suffered a **two-stage smart-contract hack** in **April 2021** that drained about **$53.3 million** and forced the exchange to shut down. The attacks exploited...
Uranium Finance hit by network compromise
IncidentHow related: Three weeks after the first breach, the second attack reportedly led to the withdrawal of nearly 90% of Uranium Finance's assets, prompting the exchange to shut down immediately.
About this happening: **Uranium Finance** suffered a **two-stage smart-contract hack** in **April 2021** that drained about **$53.3 million** and forced the exchange to shut down. The attacks exploited...
Jonathan Spalletta Cthulhon Jspalletta indicted in Jonathan Spalletta / Uranium Finance hack and laundering case
Law Enforcement
First: 31.03.2026 12:15
Last: 31.03.2026 12:15
Sources 1
How related:
Jonathan Spalletta, 36, appeared in court after surrendering to law enforcement, according to US prosecutors.
About this happening:
**U.S. prosecutors** charged **Jonathan Spalletta** in a **federal cybercrime** case tied to the **Uranium Finance** hack, alleging more than **$53 million** in stolen crypto was...
Jonathan Spalletta Cthulhon Jspalletta indicted in Jonathan Spalletta / Uranium Finance hack and laundering case
Law EnforcementHow related: Jonathan Spalletta, 36, appeared in court after surrendering to law enforcement, according to US prosecutors.
About this happening: **U.S. prosecutors** charged **Jonathan Spalletta** in a **federal cybercrime** case tied to the **Uranium Finance** hack, alleging more than **$53 million** in stolen crypto was...
Unleash Protocol hit by network compromise
Incident
First: 31.12.2025 17:54
Last: 31.12.2025 17:54
Sources 1
About this happening:
**Unleash Protocol** suffered a **$3.9 million** crypto theft after an attacker used **unauthorized multisig control** to approve a contract upgrade and enable withdrawals. The co...
Unleash Protocol hit by network compromise
IncidentAbout this happening: **Unleash Protocol** suffered a **$3.9 million** crypto theft after an attacker used **unauthorized multisig control** to approve a contract upgrade and enable withdrawals. The co...
Timeline
-
31.03.2026 18:30 2 articles · 1mo ago
Uranium Finance smart contract flaws actively exploited security flaw
Initial DisclosureIn **April 2021**, **Uranium Finance** smart contracts were first abused through a **rewards calculation** flaw, letting an attacker withdraw funds they had not earned.
Show sources
- Maryland Man Charged Over $53m Uranium Finance Crypto Hack — www.infosecurity-magazine.com — 31.03.2026 18:30
- Maryland Man Charged Over $53m Uranium Finance Crypto Hack — www.infosecurity-magazine.com — 31.03.2026 18:30