Cryptocurrency Fraud,
Finance & Banking,
Fraud Management & Cybercrime

Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply Case

Rashmi Ramesh •
April 2, 2026

Each week, ISMG compiles significant cybersecurity incidents within the realm of digital assets. Recent events include the indictment for hacking Uranium Finance, further legal actions against Chinese firms linked to fentanyl supply chains, an investor class action against Nvidia, a security breach involving Drift Protocol, operational challenges faced by KuCoin in the U.S., and the sanctioning of Xinbi.

US Charges Man Over $54M in Uranium Finance Hacks

U.S. prosecutors have formally charged Maryland resident Jonathan Spalletta with orchestrating two significant hacks on the decentralized exchange Uranium Finance in 2021, resulting in the theft of millions and ultimately leading to the platform’s shutdown. Spalletta faces one count of computer fraud and one count of money laundering, which collectively carry a potential maximum sentence of 30 years in prison.

According to authorities, Spalletta initially exploited vulnerabilities within smart contract logic in April 2021, executing deceptive transactions that enabled him to siphon off approximately $1.4 million from a liquidity pool. Just weeks later, he was reported to have exploited another security weakness, leading to the theft of about $53.3 million, which effectively crippled the exchange. U.S. prosecutors further indicated that he laundered the stolen proceeds, spending millions on rare collectibles, including notable trading cards and historic memorabilia related to the Apollo 11 moon landing. Following these incidents, approximately $31 million in cryptocurrency linked to the initial hack was later seized by authorities.

A federal grand jury in Ohio has indicted two Chinese pharmaceutical companies and six individuals for allegedly supplying precursors for fentanyl and laundering money using cryptocurrency. Prosecutors claim the companies were involved in providing chemicals, including medetomidine, to drug traffickers, while instructing buyers to complete payments via cryptocurrency wallets that were under their control. This case forms part of the FBI’s Operation Box Cutter, aimed at dismantling global fentanyl networks. Among those charged are three defendants who are accused of attempting to support a Mexican cartel recognized as a terrorist organization.

Investigators have revealed that the accused utilized cryptocurrency for processing payments, transferring funds through several wallets before eventually converting them to fiat currency overseas. Should they be convicted, the defendants could potentially face life sentences for drug-related charges and up to 20 years for associated financial crimes and acts of terrorism.

A federal judge in the United States has granted permission for investors to continue as a class in a lawsuit accusing Nvidia and its CEO Jensen Huang of providing misleading information regarding the company’s revenue associated with cryptocurrency. The court ruled that the plaintiffs adequately met the criteria for class certification, subsequently dismissing Nvidia’s attempts to block the case and excluding expert analysis regarding damages from contention.

Investors assert that Nvidia did not adequately disclose the extent to which its gaming GPU revenue was reliant on cryptocurrency mining between 2017 and 2018, alleging that the majority of this revenue originated from GeForce GPUs rather than from the OEM segment. The judge articulated that Nvidia failed to sufficiently counter evidence suggesting that these statements indeed influenced the company’s stock price, particularly following a significant November 2018 disclosure that caused the stock to plummet by 28.5%.

Subsequent analyses have indicated that revenues tied to cryptocurrency vastly exceeded Nvidia’s reported figures. While this ruling does not imply liability on Nvidia’s part, it does allow investors to collectively pursue their claims as the case progresses.

In a troubling development, the Solana-based Drift Protocol has reported a serious security breach, with estimated losses ranging between $200 million and $270 million. Attackers targeted multiple vaults, including JLP Delta Neutral, SOL Super Staking, and BTC Super Staking. A singular transaction involving 41.7 million JLP tokens accounted for approximately $155 million, while other assets—including SOL, USDC, cbBTC, and wBTC—were also affected.

In response to the incident, Drift issued a public statement acknowledging the unusual activity and advised users to refrain from making any deposits while an investigation is underway. Preliminary analyses indicate that this event could rank among the largest cryptocurrency hacks to date as well as stand as one of the most significant breaches on the Solana network since the Wormhole exploit.

Notably, the attacker has commenced swapping stolen assets into USDC via Jupiter and has been bridging funds to Ethereum, reportedly acquiring nearly 20,000 ETH valued at approximately $42 million.

A recent court ruling in the U.S. has ordered Peken Global Limited, the operator of KuCoin, to permanently prevent U.S. users from using its services unless the company registers as a foreign board of trade. The ruling, issued by the Southern District of New York, also mandates a civil penalty of $500,000 tied to an enforcement action by the Commodity Futures Trading Commission.

Regulatory bodies have accused Peken Global and associated entities of running an unauthorized digital asset derivatives exchange, which involved failing to register properly and lacking essential customer identification controls. The consent order prohibits future violations but does not stipulate the need for disgorgement, noting the firm’s cooperation with related investigations.

This ruling follows prior legal actions, including Peken Global’s 2025 guilty plea for operating an unlicensed money transmitting business, which resulted in fines and forfeiture exceeding $290 million. As part of the resolution agreement, KuCoin is required to exit the U.S. market for a minimum of two years.

The U.K. government has implemented sanctions against a cryptocurrency marketplace and various individuals linked to extensive scam operations across Southeast Asia. The targeted platform, Xinbi, is described as a Chinese-language illicit market that facilitates fraud by allowing the sale of stolen data and providing crypto-based services to scammers. Data gleaned from Chainalysis indicates that Xinbi processed transactions exceeding $19.9 billion from 2021 through 2025.

Officials have highlighted that scam centers operating throughout the region employ schemes, including fabricated romantic relationships, to defraud unsuspecting victims, with many victims reportedly trafficked and coerced into participation. The sanctions also extend to Legend Innovation Co., associated with a prominent scam compound situated in Cambodia, along with various linked individuals.