Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet.
In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot wallet, in which the company stores a portion of its customers’ cryptocurrency. The company said it was investigating the incident, and that its website and app would be unavailable for the foreseeable future. Public records show the hackers stole at least $90 million of the company’s assets over multiple transactions. Blockchain analysis firm Elliptic said the hackers “burned” the stolen funds by sending the crypto to inaccessible wallets, effectively taking the money out of circulation.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Sting op takes down 50 DDoS-for-hire domains
December 15, 2022
Police around the globe have seized as many as 50 internet domains said to be involved in tens of millions of distributed-denial-of-service (DDoS) attacks worldwide. Seven people were collared during the swoop. The so-called “booter” websites sold “some of the world’s leading DDoS-for-hire services,” allowing paying customers to launch these networking-flooding cyberattacks against chosen victims, according ...
- Attackers use SVG files to smuggle QBot malware onto Windows systems
December 14, 2022
QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. This attack is made through embedded SVG files containing JavaScript that reassemble a Base64 encoded QBot malware installer that is automatically downloaded through the target’s browser. QBot is a Windows malware arriving ...
- Probing Weaponized Chat Applications Abused in Supply-Chain Attacks
December 14, 2022
In late September 2022, threat researchers uncovered a supply-chain attack carried out by malicious actors using a trojanized installer of Comm100, a chat-based customer engagement application. Trend Micro investigation of the incident revealed that the breadth and depth of the campaign’s impact were greater than what the researchers had initially thought; Trend Micro researchers also ...
- Hackers exploit critical Citrix ADC and Gateway zero day, patch now
December 13, 2022
Citrix strongly urges admins to apply security updates for an ‘Critical’ zero-day vulnerability (CVE-2022-27518) in Citrix ADC and Gateway that is actively exploited by state-sponsored hackers to gain access to corporate networks. This new vulnerability allows an unauthenticated attacker to execute commands remotely on vulnerable devices and take control over them. Citrix is warning admins to install ...
- CISA Updates Advisory on #StopRansomware: Cuba Ransomware
December 13, 2022
The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory AA22-335A: #StopRansomware: Cuba Ransomware, originally released on December 01, 2022. The advisory has been updated to include additional indicators of compromise (IOCs). CISA encourages organizations to review the latest update to AA22-335A and apply the recommended mitigations. Read more… Source: U.S. Cybersecurity and Infrastructure Security ...
- Researchers smell a cryptomining Chaos RAT targeting Linux systems
December 13, 2022
A type of cryptomining malware targeting Linux-based systems has added capabilities by incorporating an open source remote access trojan called Chaos RAT with several advanced functions that bad guys can use to control remote operating systems. Trend Micro security researchers discovered the threat last month. Like earlier, similar versions of the miner that also target Linux ...