Iran’s largest crypto exchange, Nobitex, said Wednesday that it was hacked and funds have been drained from its hot wallet.
In a statement on its website translated by TechCrunch, Nobitex said it detected unauthorized access to its infrastructure and hot wallet, in which the company stores a portion of its customers’ cryptocurrency. The company said it was investigating the incident, and that its website and app would be unavailable for the foreseeable future. Public records show the hackers stole at least $90 million of the company’s assets over multiple transactions. Blockchain analysis firm Elliptic said the hackers “burned” the stolen funds by sending the crypto to inaccessible wallets, effectively taking the money out of circulation.
Read more…
Source: TechCrunch News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- TrickBot malware now checks screen resolution to evade analysis
July 1, 2020
The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine. When researchers analyze malware, they typically do it in a virtual machine that is configured with various analysis tools. Due to this, malware commonly uses anti-VM techniques to detect whether the malware is ...
- Australia to invest a record A$1.35bn in cyber security
July 1, 2020
Dubbed the Cyber Enhanced Situational Awareness and Response (Cesar) package, the investment will help Australia identify cyber threats, disrupt foreign cyber criminals and build industry partnerships, said Australian prime minister Scott Morrison yesterday. Noting that malicious cyber activity undermines the government’s efforts to protect Australia’s economy, national security and sovereignty, Morrison said the record investment will ...
- New EvilQuest ransomware discovered targeting macOS users
June 30, 2020
Security researchers have discovered this week a new ransomware strain targeting macOS users. Named OSX.EvilQuest, this ransomware is different from previous macOS ransomware threats because besides encrypting the victim’s files, EvilQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallet-related files from infected hosts. “Armed with these capabilities, the attacker can main full control over ...
- Developer of Mirai, Qbot-based DDoS botnets jailed for 13 months
June 26, 2020
A 22-year-old Washington man was sentenced to 13 months in prison for renting and developing Mirai and Qbot-based DDoS botnets used in DDoS attacks against targets from all over the world. Schuchman, also known as Nexus Zeta, pleaded guilty to the charges of being involved in the creation and operation of the Satori , Okiru, Masuta, and Tsunami/Fbot botnets and was released to the ...
- DarkCrewFriends Returns with Botnet Strategy
June 26, 2020
The hackers-for-hire group DarkCrewFriends has resurfaced and is targeting content management systems to build a botnet. The botnet can be marshalled into service to carry out a variety of criminal activities, including distributed denial-of-service (DDoS) attacks, command execution, information exfiltration or sabotage of an infected system. Researchers said they observed DarkCrewFriends exploiting an unrestricted file upload ...
- Threat Assessment: EKANS Ransomware
June 26, 2020
Unit 42 researchers have observed recent EKANS (Snake backward) ransomware activity affecting multiple industries in the U.S and Europe. As a result, we’ve created this threat assessment report for the activities of this ransomware. Identified techniques and campaigns can be visualized using the Unit 42 Playbook Viewer. EKANS, which was first observed in January 2020, has relatively ...