US authorities have seized $31 million in cryptocurrency tied to the infamous 2021 Uranium Finance hack, marking a major step in recovering stolen digital assets. The operation, led by the US Attorney’s Office for the Southern District of New York and Homeland Security Investigations in San Diego, was announced on Feb. 24.

The 2021 exploit targeted Uranium Finance, a now-defunct decentralized finance (DeFi) platform built on the BNB Chain. The platform suffered a catastrophic attack due to vulnerabilities in its smart contract code, leading to a $50 million loss. Investigators have not disclosed the identities of the hackers but urged victims to come forward.

The attack stemmed from a flaw in Uranium’s v2 smart contract, which allowed the perpetrator to manipulate balances by a factor of 100 and drain funds. Stolen assets included approximately $36.8 million in BNB and Binance USD (BUSD), along with 80 Bitcoin, 1,800 Ether, 26,500 Polkadot, 5.7 million Tether, 638,000 Cardano, and 112,000 U92—Uranium’s native token. The hacker then converted some of the stolen crypto into Ether and funneled it through Tornado Cash, a popular crypto mixer, before transferring it to centralized exchanges.

Uranium Finance’s security flaws had already been exposed in an earlier hack on April 8, 2021, which led to a $1.3 million loss. Just days later, the platform launched a second version, only to be exploited again on April 28. After the attack, Uranium Finance shut down, leaving victims in limbo—until now.

While the seizure is a significant breakthrough, much of the stolen crypto remains unaccounted for. Authorities continue to investigate and are urging affected users to report their losses.