In a significant breakthrough in the ongoing saga of the 2021 Uranium Finance cyber heist, U.S. authorities have recovered an impressive $31 million in cryptocurrency stolen during the attacks.

The incident occurred in April 2021, when Uranium Finance, a decentralized finance (DeFi) protocol built on Binance's BNB Chain, suffered two devastating cyberattacks. The first attack, which lasted from April 6-8, resulted in the theft of $1.4 million, with $1 million later recovered. However, the second attack, which took place on April 28, exploited a critical code error, leading to a staggering $52 million theft.

The stolen funds were laundered through the notorious cryptocurrency mixer Tornado Cash and decentralized exchanges, with some remaining dormant for years before resurfacing in early 2024. But thanks to the tireless efforts of law enforcement, combined with cutting-edge blockchain intelligence tools, some of these illicit financial flows have now been tracked down.

Working closely with the Blockchain intelligence firm TRM Labs, U.S. authorities were able to meticulously trace the movement of stolen assets across multiple blockchains, identifying key laundering patterns and generating actionable intelligence for law enforcement. By March 2023, the team had mapped out the attackers' attempts to obfuscate their funds, linking them to Tornado Cash transactions and cross-chain swaps.

"In February 2023, TRM worked closely with law enforcement to meticulously trace the movement of stolen assets across multiple blockchains, identifying key laundering patterns and generating actionable intelligence for law enforcement," reads a report published by TRM Labs. "By March 2023, the team had mapped out the attackers' attempts to obfuscate their funds, linking them to Tornado Cash transactions and cross-chain swaps."

"As a result, law enforcement was able to successfully seize USD 31 million in outstanding funds in February 2025," adds the report. "This major breakthrough highlights law enforcement's growing ability to track and recover stolen crypto, even years later."

The Uranium Finance asset seizure serves as a stark warning to cybercriminals that blockchain intelligence tools are advancing at an unprecedented rate, making it increasingly difficult for them to hide funds. It also underscores the importance of rigorous DeFi security measures, as minor code flaws can have catastrophic consequences.

"Despite evolving laundering tactics, stolen assets remain traceable," the report notes. "This case highlights the critical need for robust cybersecurity protocols and collaboration between law enforcement agencies and blockchain intelligence firms to stay ahead of cybercriminals."

If you believe you may have been a victim of this hack, please do not hesitate to contact [email protected] for further assistance.

The recovery of $31 million in stolen assets is a testament to the power of collaboration and innovation in the fight against cybercrime. As we continue to navigate the rapidly evolving world of cryptocurrency, it's essential that law enforcement agencies, blockchain intelligence firms, and individuals alike remain vigilant and proactive in their pursuit of justice.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon for more updates on this story and other cybersecurity-related news.