{"id":75168,"date":"2023-03-07T14:51:02","date_gmt":"2023-03-07T12:51:02","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=75168"},"modified":"2025-09-10T10:07:50","modified_gmt":"2025-09-10T07:07:50","slug":"hacker-behind-uranium-finance-breach-moves-3-3m-to-tornado-cash","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hacker-behind-uranium-finance-breach-moves-3-3m-to-tornado-cash\/","title":{"rendered":"Hacker behind Uranium Finance breach moves $3.3m to Tornado Cash"},"content":{"rendered":"<p>An address tied to the Uranium Finance breach suddenly moved 2250 ETH (~$3.35m) after 647 days of inactivity.<\/p>\n<p><!--more--><\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> After 647 days, <a href=\"https:\/\/twitter.com\/UraniumFinance?ref_src=twsrc%5Etfw\">@UraniumFinance<\/a> hacker started move 2250 ETH (~$3.35m) stolen funds into <a href=\"https:\/\/twitter.com\/TornadoCash?ref_src=twsrc%5Etfw\">@TornadoCash<\/a>. On April 28, 2021, the hacker drained approximately $50 million worth of tokens from Uranium&#8217;s \u201cpair contracts\u201d. <a href=\"https:\/\/t.co\/mBhMxmAdS5\">https:\/\/t.co\/mBhMxmAdS5<\/a> <a href=\"https:\/\/t.co\/OOF3R0w3ll\">pic.twitter.com\/OOF3R0w3ll<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1632902652685328384?ref_src=twsrc%5Etfw\">March 7, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to Etherscan, on March 7, over seven hours the presumed hacker sent all funds from the wallet to the cryptocurrency mixer <a href=\"https:\/\/u1f987.com\/en\/news\/what-is-the-tornado-cash-mixer-and-why-was-it-sanctioned\">Tornado Cash<\/a>. He made several transactions ranging from 1 to 100 ETH.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"438\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/image1-566-1024x438.png\" alt=\"image1-566\" class=\"wp-image-199893\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/image1-566-1024x438.png 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/image1-566-300x128.png 300w, https:\/\/u1f987.com\/wp-content\/uploads\/image1-566-768x329.png 768w, https:\/\/u1f987.com\/wp-content\/uploads\/image1-566.png 1350w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>Data: <a href=\"https:\/\/etherscan.io\/address\/0xc47bdd0a852a88a019385ea3ff57cf8de79f019d\">Etherscan<\/a>.<\/figcaption><\/figure>\n<p>However, this was only one of the addresses linked to the platform&#8217;s breach. Another well-known wallet in September 2022 <a href=\"https:\/\/etherscan.io\/address\/0xc61429117038a1f13881dd7410b80771f28e06ec\">moved 5 ETH<\/a> to the Aztec Network, a scaling solution for Ethereum using <a href=\"https:\/\/u1f987.com\/en\/news\/what-are-rollups-and-how-do-they-scale-ethereum\">ZK-Rollups<\/a>.<\/p>\n<p>The Uranium Finance protocol breach <a href=\"https:\/\/u1f987.com\/en\/news\/uranium-finance-project-loses-50-million-in-ethereum-due-to-vulnerability\">occurred<\/a> on April 28, 2021, resulting in a loss of $50 million. The hacker exploited a vulnerability that arose when moving assets to the project&#8217;s new fork.<\/p>\n<p>The project apparently never recovered. The last company post on Twitter was dated April 30, 2021. In it, developers urged users to withdraw funds from various liquidity pools.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Please read our latest medium article : &#8220;Last rewards of the money pot, please remove funds from pools&#8221; :<a href=\"https:\/\/t.co\/W5uw0DUSXS\">https:\/\/t.co\/W5uw0DUSXS<\/a><\/p>\n<p>\u2014 Uranium Finance (@UraniumFinance) <a href=\"https:\/\/twitter.com\/UraniumFinance\/status\/1387876821799211010?ref_src=twsrc%5Etfw\">April 29, 2021<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In February 2023, the total damage from DeFi hacker attacks <a href=\"https:\/\/u1f987.com\/en\/news\/in-february-2023-defi-projects-lost-about-21-4-million-to-hacks\">amounted to $21 million<\/a>. The largest was the <a href=\"https:\/\/u1f987.com\/en\/news\/platypus-defi-protocol-on-avalanche-loses-8-5-million-in-hack\">hack of the Platypus Finance protocol<\/a> for $8.5 million. The attacker used <a href=\"https:\/\/u1f987.com\/en\/news\/what-are-flash-loans\">a &#8216;flash loan&#8217;<\/a> and a logic error in the collateral-checking mechanism.<\/p>\n<p>Earlier this month, the hacker withdrew $700,000 from the LaunchZone liquidity pools, causing the project&#8217;s token to <a href=\"https:\/\/u1f987.com\/en\/news\/launchzone-token-plunges-82-after-hack\">devalue by 82%<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An address tied to the Uranium Finance breach moved 2250 ETH (~$3.35m) after 647 days of inactivity.<\/p>\n","protected":false},"author":1,"featured_media":75169,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1093,1314],"class_list":["post-75168","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-defi","tag-tornado-cash"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75168","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=75168"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75168\/revisions"}],"predecessor-version":[{"id":75170,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/75168\/revisions\/75170"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/75169"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=75168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=75168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=75168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}