Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet.
In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot wallet, in which the company stores a portion of its customers’ cryptocurrency. The company said it was investigating the incident, and that its website and app would be unavailable for the foreseeable future. Public records show the hackers stole at least $90 million of the company’s assets over multiple transactions. Blockchain analysis firm Elliptic said the hackers “burned” the stolen funds by sending the crypto to inaccessible wallets, effectively taking the money out of circulation.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Massive Phishing Campaigns Target India Banks’ Clients
November 7, 2022
Trend Micro researchers observed an uptick in attacks targeting bank customers in India, the common entry point being a text message with a phishing link. The SMS content urges the victims to open the embedded phishing link or malicious app download page and follow the instructions: To fill in their personally identifiable information (PII) and ...
- Azov Ransomware is a wiper, destroying data 666 bytes at a time
November 7, 2022
The Azov Ransomware continues to be heavily distributed worldwide, now proven to be a data wiper that intentionally destroys victims’ data and infects other programs. Last month, a threat actor began distributing malware called ‘Azov Ransomware’ through cracks and pirated software that pretended to encrypt victims’ files. However, instead of providing contact info to negotiate a ransom, ...
- DDoS attacks in Q3 2022
November 7, 2022
In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news was focused on the conflict between Russia and Ukraine, but other high-profile events also affected the DDoS landscape this quarter. The pro-Russian group Killnet, active since January 2022, took the responsibility for several more cyberattacks. According to the ...
- Robin Banks phishing service returns to steal banking accounts
November 4, 2022
The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells Fargo, ...
- OPERA1ER APT in Africa
November 3, 2022
In 2019, Group-IB Threat Intelligence team detected a series of targeted attacks on financial organizations in Africa. Later in 2020, our professionals in collaboration with Orange, managed to piece together the seemingly disparate attacks into a single timeline and successfully attribute them to the threat actor codenamed OPERA1ER (also known as DESKTOP-GROUP, Common Raven, NXSMS). In ...
- Stopping C2 communications in human-operated ransomware through network protection
November 3, 2022
Command-and-control (C2) servers are an essential part of ransomware, commodity, and nation-state attacks. They are used to control infected devices and perform malicious activities like downloading and launching payloads, controlling botnets, or commanding post-exploitation penetration frameworks to breach an organization as part of a ransomware attack. Blocking these communications can mitigate attacks, sometimes before they’re ...