Hacker successfully transfers $2.5m worth of BUSD to Ethereum on Uranium Finance
The attacker behind the Uranium Finance incident has successfully transferred 2.5 million BUSD from the BNB chain to Ethereum (ETH) using the Li.fi protocol, as reported by on-chain analytics platform PeckShield Alert on January 22. This transfer involved converting the assets into 812 ETH and approximately $500,000 in stablecoins.
The original hack took place in April 2021, and the main address associated with the incident has now moved a total of $3.1 million in BUSD to Ethereum. Peck Shield’s initial report revealed a transfer of $10,000 BUSD via the Stargate cross-chain bridging protocol, and further tracking uncovered additional transfers totaling 3.1 million BUSD.
The attacker’s strategy involved distributing 500,000 BUSD across six transactions, as well as another 100,000 BUSD in a separate transaction. These transactions took place within an hour and have sparked discussions within the crypto community.
The attacker’s BNB Chain address held over $15 million in assets, consisting of BUSD and Wrapped BNB (WBNB), but it is now completely emptied.
In addition, the exploiter’s Ethereum address had holdings of 824 Ether, valued at $1.3 million at the time, along with smaller amounts of USDC and USDT. Shortly after transferring the BUSD to Ethereum, 1,200 ETH (worth $1.89 million) were moved to Tornado Cash, a cryptocurrency mixer, through 12 transactions of 100 ETH each.
These activities are consistent with a pattern observed throughout the year, including previous transfers to Tornado Cash. The first of these transfers occurred in March, involving a different address that moved 2,250 ETH to the mixer. In total, the exploiter managed to extract $50 million in crypto assets by exploiting a flaw in the pair contracts of the Uranium Finance protocol.
On a related note, there has been an increase in illicit cryptocurrency activities in 2024. A notable phishing attack, reported by Scam Sniffer, resulted in a loss of $4.20 million for the victim. The scam took advantage of ERC20 Permit signatures, giving the scammers access to the victim’s assets.
CoinGecko’s X accounts were also breached by hackers, as mentioned in a previous article.
Follow Us on Google News.
