Uranium Finance: Hacker charged with stealing $53 million from Uranium crypto exchange

U.S. Prosecutors Charge Maryland Man in $53 Million Uranium Finance Crypto Heist

A 36-year-old Maryland man, Jonathan Spalletta (also known online as "Cthulhon" and "Jspalletta"), has been charged with stealing over $53 million from the decentralized cryptocurrency exchange Uranium Finance in two separate attacks in April 2021. Spalletta surrendered to authorities on Monday and appeared in court before U.S. Magistrate Judge Ona T. Wang.

The attacks targeted Uranium, an automated market maker similar to Uniswap, exploiting vulnerabilities in its smart contract code. The first breach, on April 8, involved manipulating the AmountWithBonus variable to drain $1.4 million from the exchange’s liquidity pool. Spalletta then extorted Uranium into paying a $386,000 "bug bounty" in exchange for returning the remaining stolen funds.

On April 28, he struck again, exploiting a single-character coding error that allowed him to withdraw nearly 90% of the exchange’s assets, approximately $53.3 million, across 26 liquidity pools. The theft forced Uranium Finance to shut down immediately.

Prosecutors allege Spalletta laundered the stolen funds through the Tornado Cash cryptocurrency mixer and spent the proceeds on high-value collectibles, including a $500,000 Black Lotus Magic: The Gathering card, $1.5 million in sealed Alpha Booster packs, a $750,000 first-edition Pokémon base set, and a $601,000 ancient Roman coin commemorating Julius Caesar’s assassination.

In February 2025, law enforcement seized the collectibles from Spalletta’s residence and recovered roughly $31 million in cryptocurrency from linked wallets. He faces up to 10 years in prison for computer fraud and up to 20 years for money laundering. U.S. Attorney Jay Clayton emphasized that the case underscores the real-world consequences of crypto theft, stating, "Stealing from a crypto exchange is stealing; there is nothing different about having your money taken."

Source: https://www.bleepingcomputer.com/news/security/hacker-charged-with-stealing-53-million-from-uranium-crypto-exchange/

Uranium cybersecurity rating report: https://www.rankiteo.com/company/uranium-finance

"id": "URA1774952626",
"linkid": "uranium-finance",
"type": "Cyber Attack",
"date": "4/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'FinTech/Cryptocurrency',
                        'name': 'Uranium Finance',
                        'type': 'Decentralized Cryptocurrency Exchange'}],
 'attack_vector': 'Smart Contract Exploit',
 'date_detected': '2021-04-08',
 'description': 'A 36-year-old Maryland man, Jonathan Spalletta, has been '
                'charged with stealing over $53 million from the decentralized '
                'cryptocurrency exchange Uranium Finance in two separate '
                'attacks in April 2021. The attacks exploited vulnerabilities '
                "in Uranium's smart contract code, leading to the exchange's "
                'shutdown.',
 'impact': {'brand_reputation_impact': 'Severe',
            'downtime': 'Immediate shutdown of Uranium Finance',
            'financial_loss': '$53.3 million',
            'operational_impact': 'Exchange shutdown',
            'systems_affected': 'Uranium Finance liquidity pools'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': ['Smart contract vulnerabilities',
                                            'Inadequate code review']},
 'ransomware': {'ransom_demanded': '$386,000 (bug bounty extortion)',
                'ransom_paid': '$386,000'},
 'references': [{'source': 'U.S. Department of Justice'}],
 'regulatory_compliance': {'legal_actions': 'Computer fraud and money '
                                            'laundering charges'},
 'response': {'containment_measures': 'Exchange shutdown',
              'law_enforcement_notified': 'Yes',
              'recovery_measures': 'Seizure of stolen assets'},
 'threat_actor': 'Jonathan Spalletta (aka Cthulhon, Jspalletta)',
 'title': 'U.S. Prosecutors Charge Maryland Man in $53 Million Uranium Finance '
          'Crypto Heist',
 'type': 'Cryptocurrency Theft',
 'vulnerability_exploited': ['Manipulation of AmountWithBonus variable',
                             'Single-character coding error']}