Jonathan Spalletta is a Maryland resident who was indicted in March 2026 in connection with the 2021 exploits of Uranium Finance, a decentralized cryptocurrency exchange. He is accused of stealing over $54 million in two separate hacks by exploiting vulnerabilities in the platform's smart contracts. According to federal prosecutors, Spalletta then laundered the stolen funds and used them to purchase millions of dollars in rare collectibles, including high-value trading cards and historical memorabilia. The case is being handled by the U.S. Attorney's Office for the Southern District of New York. ^{[1] [2]}​

Background and Indictment

Jonathan Spalletta was born circa 1990 and resided in Rockville, Maryland, at the time of his indictment. ^[1] He operated online under several aliases, including "Cthulhon," "Jspalletta," "Jonny Boy," "Nass," and "SirJonathan." ^{[1] [3]}

On March 30, 2026, an indictment from the Southern District of New York was unsealed, charging Spalletta for his alleged role in the Uranium Finance exploits. He surrendered to authorities on the same day. ^{[1] [2]} The case was assigned to U.S. District Judge Jed S. Rakoff. ^[1]

Spalletta faces two federal charges:

• One count of computer fraud, which carries a maximum sentence of 10 years in prison.
• One count of money laundering, which carries a maximum sentence of 20 years in prison.

If convicted on both counts, he faces a potential total sentence of up to 30 years. ^{[1] [2]}

Uranium Finance Exploits

Uranium Finance was a decentralized finance (DeFi) project that operated as an automated market maker on the BNB Chain (formerly Binance Smart Chain), allowing users to trade cryptocurrencies through liquidity pools. ^{[4] [3]} Prosecutors allege Spalletta carried out two separate hacks against the platform in April 2021.

First Exploit (April 2021)

According to the indictment, the first hack occurred on or about April 8, 2021. Spalletta allegedly exploited a bug within one of Uranium Finance's smart contracts to fraudulently withdraw "rewards" tokens from a liquidity pool, stealing approximately $1.4 million worth of cryptocurrency. ^[1]​

Deception Campaign

In the period surrounding the hacks, Spalletta and alleged co-conspirators are accused of orchestrating a deception campaign to mislead investors and conceal their involvement. They created a public "War Room" on the messaging platform Telegram, where they posed as a team dedicated to investigating the incident and recovering the stolen funds. ^[4]​

As part of this ruse, they promoted a false narrative that a "white-hat hacker" had intervened to secure some of the assets. To lend credibility to this claim, they returned approximately $2 million of the stolen funds to a wallet they controlled but presented to the community as the official developer's wallet. This act was intended to build trust among the victims and create the appearance of a legitimate recovery effort being underway. ^[4]​

Second Exploit (April 2021)

On or about April 28, 2021, Spalletta allegedly executed the second, much larger hack. He exploited a separate, critical error in Uranium Finance's main smart contract that governed cryptocurrency withdrawals. This vulnerability allowed an attacker to manipulate the value of input tokens during a swap, enabling them to drain nearly all other assets held in the platform's liquidity pools. ^{[1] [4]}​

The attack targeted 26 separate liquidity pools, resulting in the theft of approximately $53.3 million in various cryptocurrencies, including BNB and BUSD. The massive theft created a catastrophic loss of funds, forcing the Uranium Finance exchange to cease operations permanently. ^{[1] [2]}​

Money Laundering and Asset Purchases

Following the hacks, Spalletta is accused of engaging in a sophisticated scheme to launder the stolen cryptocurrency, of which he allegedly received at least $11 million personally. ^[3]​

The laundering process allegedly involved using Tornado Cash, a cryptocurrency mixing service designed to obscure the on-chain trail of transactions. The stolen BNB and BUSD tokens were swapped for Ethereum (ETH), which was then converted into Monero (XMR), a privacy-enhancing cryptocurrency, to further conceal the funds' origins. ^{[1] [3]}​

The laundered proceeds were then allegedly used to acquire a collection of high-value and rare items:

• Magic: The Gathering Cards: A "Black Lotus" card purchased for approximately 1,512,500.
• Pokémon Cards: A sealed box of first-edition "Booster" cards for approximately 750,000.
• Antiquities and Memorabilia: An "Eid Mar Denarius," an antique Roman coin commemorating the assassination of Julius Caesar, for 137,500.

These specific purchases and their values were detailed in the Department of Justice's indictment materials. ^{[1] [2]}​

Investigation and Asset Seizure

The investigation into the Uranium Finance hacks was conducted by the Federal Bureau of Investigation (FBI) and the Internal Revenue Service, Criminal Investigation (IRS-CI). ^[3] On February 24, 2025, U.S. law enforcement seized cryptocurrency linked to the hacks, which was valued at approximately $31 million at the time of the seizure. ^{[1] [2]}​

In addition to the cryptocurrency, authorities executed a search warrant at Spalletta's residence and seized numerous physical assets believed to have been purchased with the stolen funds. These seized items included the "Black Lotus" trading card, antique coins, and other collectibles. ^[1]​

Official Statements

Upon the unsealing of the indictment, U.S. Attorney for the Southern District of New York, Damian Williams, stated: "As alleged, Jonathan Spalletta repeatedly hacked smart contracts to steal millions of dollars worth of other people’s money for himself, and destroyed a cryptocurrency exchange in the process. Spalletta was allegedly able to do so by exploiting bugs in the exchange’s computer code. But he was not able to hide the fruits of his fraud. We will continue to unravel complex cybercrimes and hold fraudsters accountable, no matter how sophisticated the scheme." ^[1]

FBI Assistant Director in Charge James Smith commented on the FBI's commitment to pursuing such cases: "Bad actors in the cryptocurrency space are on notice that the FBI is committed to identifying and apprehending them regardless of their use of sophisticated trading techniques." ^[3]

Thomas M. Fattorusso, the Special Agent in Charge of the New York Field Office of the IRS-CI, added: "Spalletta's alleged actions to exploit the code of Uranium Finance is a new-age, high-tech spin on fraud... IRS Criminal Investigation will continue to lend our cyber and financial investigative expertise to cases like this one to ensure those who look for illicit profits from the digital world are brought to justice." ^[4]