Key Highlights
- A 36-year-old Rockville, Maryland resident, Jonathan Spalletta, faces federal charges for computer fraud and money laundering
- Prosecutors allege he orchestrated two separate attacks on Uranium Finance during April 2021, extracting more than $50 million
- Stolen cryptocurrency was allegedly cleaned through Tornado Cash and used to acquire high-value collectible items
- Federal agents recovered approximately $31 million in digital assets connected to the theft during a February 2025 operation
- The defendant could receive a maximum sentence of three decades behind bars if found guilty on all charges
Federal authorities have filed charges against Jonathan Spalletta, a 36-year-old from Maryland, alleging his involvement in dual cyberattacks targeting the decentralized exchange Uranium Finance during April 2021, which resulted in losses exceeding $50 million for the platform.
The charges were made public by the Southern District of New York on Monday following the unsealing of the indictment. Spalletta turned himself in to federal authorities in Manhattan on the same date and made his initial court appearance before U.S. Magistrate Ona Wang.
Uranium Finance operated as a BNB Chain adaptation of the popular automated market maker Uniswap. The platform went live in April 2021 but ceased operations soon after the security breaches depleted its resources.
The initial security breach took place on April 8, 2021, mere days following the platform’s debut. According to allegations, Spalletta exploited a vulnerability in Uranium’s reward distribution system to extract significantly more digital currency than his entitlement allowed, obtaining approximately $1.4 million.
In the wake of the initial breach, a private settlement was arranged. Prosecutors characterize the agreement as a fraudulent “bug bounty” arrangement, where Spalletta negotiated to return the majority of stolen funds while retaining approximately $386,000.
The more substantial attack occurred on April 28, 2021. Spalletta allegedly took advantage of a smart contract coding error that governed withdrawal restrictions across 26 different liquidity pools, extracting $53.3 million in various cryptocurrencies, including Bitcoin, Ether, and Uranium’s proprietary token U92.
After the second breach, Uranium Finance took down its online presence, leaving affected users with minimal information regarding the incident or the perpetrator’s identity.
During February 2025, law enforcement confiscated roughly $31 million worth of cryptocurrency linked to the security breaches. At that point, authorities had not publicly identified any suspects.
Spending Pattern of Stolen Digital Assets
According to prosecutors, Spalletta allegedly conducted elaborate laundering operations involving multiple transaction layers, including routing funds through Tornado Cash, a cryptocurrency mixing protocol.
The proceeds were then allegedly used to acquire premium collectible items. His purchases reportedly included a Black Lotus Magic: The Gathering card valued at approximately $500,000 and 18 unopened Alpha booster packs costing around $1.5 million.
Additional alleged purchases included first-edition Pokémon collections valued above $1 million, an ancient Roman “Eid Mar” coin purchased for about $601,500, and a fragment of fabric from the Wright brothers’ historic aircraft. These items were confiscated during a law enforcement search of his home.
According to messages referenced in the indictment, Spalletta allegedly told an associate: “I did a crypto heist … Crypto is all fake internet money anyway.”
Criminal Charges and Possible Penalties
Spalletta has been charged with one count of computer fraud, punishable by up to 10 years imprisonment, and one count of money laundering, which carries a maximum sentence of 20 years.
U.S. Attorney Jay Clayton stated: “Stealing from a crypto exchange is stealing — the claim that ‘crypto is different’ does not change that.”
This prosecution represents the first instance where authorities have publicly identified a named suspect in connection with the Uranium Finance incident, more than four years following the original attacks.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
