Uranium Finance
A BNB Chain AMM drained of about $50M on April 28, 2021 during a contract migration, after a single-character math error in its pair contracts let an attacker withdraw far more than deposited. The team suspected an internal leak; U.S. authorities later seized ~$31M.
Also known as: Uranium Finance, U92
Summary
Uranium Finance was an automated market maker on BNB Chain. On April 28, 2021, during the migration to its v2.1 contracts, an attacker exploited a calculation error in the v2 pair contracts — a "sanity check" used the wrong constant (1,000,000 instead of 10,000) — allowing them to send a tiny amount of value and withdraw far more, draining about $50 million across 26 token pairs. [1][2]
Background and recovery
Researchers noted the team had identified and fixed the bug for v2.1 but the vulnerable v2 code was already live, and the project itself suggested the incident may have stemmed from an internal leak; commentators flagged the possibility of an insider job or rug pull. An earlier April 2021 incident had also cost the project funds. In 2025, U.S. authorities (SDNY/HSI) seized about $31 million tied to the exploit. [1][2][3]
Bracketed numbers refer to the numbered sources listed below.
Linked scams & cases
Sources (3)
See also
- Bitcoin Latinum (LTNM)TokensA ~$16M token offering (SAFTs for 'Bitcoin Latinum' / LTNM) that the SEC charged in 2026 as fraud: founder Donald Basile falsely called LTNM 'the world's first insured digital asset' backed by an 'existing trust,' neither of which existed, and diverted investor funds for personal use (including a $160,000 horse).
- Loci (LOCIcoin)TokensA 2017–2018 ICO for 'LOCIcoin' tied to the InnVenn IP-search platform. The SEC charged Loci and CEO John Wise with fraud for raising $7.6M on false claims about revenue, headcount, and user base; Wise also misused investor funds. Settled with a $7.6M penalty and an officer/director bar.
- Blockchain Terminal (BCT)Tokens
This page was last updated on Jun 8, 2026. View revision history.