Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet.
In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot wallet, in which the company stores a portion of its customers’ cryptocurrency. The company said it was investigating the incident, and that its website and app would be unavailable for the foreseeable future. Public records show the hackers stole at least $90 million of the company’s assets over multiple transactions. Blockchain analysis firm Elliptic said the hackers “burned” the stolen funds by sending the crypto to inaccessible wallets, effectively taking the money out of circulation.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
June 16, 2021
Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be at risk. As reported in the Mandiant post, “Shining a Light on DARKSIDE Ransomware Operations,” Mandiant Consulting has ...
- Paradise Ransomware source code released on a hacking forum
June 15, 2021
The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation. Released on the hacking forum XSS, the link to the source code is only accessible to active users on the site who have previously replied to or reacted to ...
- Andariel evolves to target South Korea with ransomware
June 15, 2021
In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. While we were doing our research into these findings, Malwarebytes published a nice report with technical details about the same series of attacks, which they attributed to the Lazarus ...
- REvil ransomware hits US nuclear weapons contractor
June 14, 2021
US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Sol Oriens describes itself as helping the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.” However, job postings first ...
- Microsoft: SEO poisoning used to backdoor targets with malware
June 14, 2021
Microsoft is tracking a series of attacks that use SEO poisoning to infect targets with a remote access trojan (RAT) capable of stealing the victims’ sensitive info and backdooring their systems. The malware delivered in this campaign is SolarMarker (aka Jupyter, Polazert, and Yellow Cockatoo), a .NET RAT that runs in memory and is used by ...
- G7 leaders ask Russia to hunt down ransomware gangs within its borders
June 14, 2021
G7 (Group of 7) leaders have asked Russia to urgently disrupt ransomware gangs believed to be operating within its borders, following a stream of attacks targeting organizations from critical sectors worldwide. The G7 member states also expressed their commitment to work together to address the escalating and immediate ransomware threat as a global challenge. Read more… Source: Bleeping ...