Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet.
In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot wallet, in which the company stores a portion of its customers’ cryptocurrency. The company said it was investigating the incident, and that its website and app would be unavailable for the foreseeable future. Public records show the hackers stole at least $90 million of the company’s assets over multiple transactions. Blockchain analysis firm Elliptic said the hackers “burned” the stolen funds by sending the crypto to inaccessible wallets, effectively taking the money out of circulation.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
June 23, 2022
These days ransomware analysis gets a lot of coverage in commercial and public reports, with vendors issuing dozens of ransomware-related publications each year. These reports provide analysis on specific malware families or new samples, describe the activities of a particular ransomware group, give general tips on how to prevent ransomware from working, and so on. ...
- Europol: Phishing gang behind several million euros worth of losses busted in Belgium and the Netherlands
June 21, 2022
A cross-border operation, supported by Europol and involving the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie), resulted in the dismantling of an organised crime group involved in phishing, fraud, scams and money laundering. The action day on 21 June 2022 led to: 9 arrests in the Netherlands 24 house searches in the NetherlandsSeizures including firearms, ...
- 1.5 million customers impacted by Flagstar Bank data breach
June 21, 2022
Flagstar Bank has disclosed a security incident that led to the exposure of personal data belonging to up to 1.5 million customers. As reported by Bleeping Computer, the data breach occurred between December 3 and December 4, 2021. The US financial organization is headquartered in Michigan and operates over 150 branches in areas including Indiana, California, Wisconsin, ...
- Magecart attacks are still around. And they are becoming more stealthy
June 21, 2022
Magecart attacks are decreasing in number but are becoming more stealthy, with researchers highlighting potential server-side blindspots in tracking them. It’s not too often you hear about Magecart attacks. In the past few years, cybersecurity incidents that hit the headlines tended to involve attacks on core utilities and critical services, state-sponsored campaigns, ransomware, massive data breaches, ...
- Avos ransomware group expands with new attack arsenal
June 21, 2022
Avos is a ransomware group first identified in 2021 initially targeting Windows machines. More recently, a new ransomware variant of AvosLocker, named after the group, is also targeting Linux environments. Well-funded and financially motivated, Avos has been active since June 2021 and follows the ransomware-as-a-service (RaaS) model, an affiliate program to recruit potential partners. The announcement ...
- Microsoft 365 credentials targeted in new fake voicemail campaign
June 20, 2022
A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. The operation is ongoing and the threat actor behind it uses fake voicemail notifications to lure victims into opening a malicious HTML attachment. According to researchers at cloud ...