Latest news with #BankSepah
Wall Street Journal
16 hours ago
- Business
- Wall Street Journal
Iranian Crypto Exchange Hacked, More Than $90 Million Taken
Iran's largest cryptocurrency exchange was drained of more than $90 million on Wednesday, with a pro-Israel hacking group claiming responsibility, according to a blockchain analysis firm. The cyberattack on the exchange, Nobitex, appeared motivated by the ongoing hostilities between Israel and Iran, blockchain analysis firm Elliptic said in a blog post. Elliptic said the hack had been carried out by Gonjeshke Darande, or 'Predatory Sparrow,' which claimed responsibility for an attack on Iran's Bank Sepah earlier this week. A post on an X account associated with Gonjeshke Darande overnight said the exchange's source code would be released in 24 hours and that assets in the exchange would be vulnerable. Elliptic founder Tom Robinson said the claim was credible.
Euronews
a day ago
- Business
- Euronews
How the Israel-Iran conflict is developing in cyberspace
As the conflict between Israel and Iran approaches the first-week mark, both countries are leaning into cyberspace to launch attacks. A possible Israeli-linked hacking group has claimed responsibility for disrupting operations at an Iranian bank and flooding the crypto market with approximately $90 million (€77 million) in stolen funds. Meanwhile, Israeli officials reported fake messages sent to the public alerting them of terrorist attacks against bomb shelters to sow panic. Both countries are also known for having a long history of cyberattacks against each other, according to US-based cybersecurity firm Radware. 'In the days since the fighting began, government-backed hackers, patriotic hacktivists, online propagandists, and opportunistic cybercriminals have all been active,' the company said in its threat alert dated June 18. The anti-Iranian hacking group with possible ties to Israel,Gonjeshke Darande, or 'Predatory Sparrow,' claimed an attack on one of Iran's most prominent banks, Bank Sepah, this week, according to a statement they published on X. Iranian media reported at the time that people had difficulties accessing their accounts, withdrawing cash or using their bank cards. The US Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned Bank Sepah in 2018 for supporting Iran's military. The hacking group then went after Nobitex, one of Iran's main cryptocurrency exchanges. The group claimed they burned $90 million from accounts that belong to the Israeli regime and, by Thursday morning, had posted the source code for the platform. In a statement on X posted on Wednesday, Nobitex claimed that the assets were transferred to a wallet 'composed of arbitrary characters,' an approach they say 'deviates significantly from conventional crypto exchange hacks'. 'It is clear the intention behind this attack was to harm the peace of mind and assets of our fellow citizens under false pretences,' Nobitex wrote. Nobitex estimates the amount stolen is closer to $100 million (€87 million) The Iranian government has asked people to delete the social messaging app WhatsApp and has begun internet blackouts that have taken the country offline for 'over 12 hours' due to 'Israel's alleged 'misuse' of the network for military purposes,' according to internet monitoring companies Netblocks and Censys. Iran's Tasnim News Agency, a news service associated with the Iranian military, claimed the Internet blackouts are 'temporary' due to the 'special conditions of the country,' and that it will come back when the 'situation returns to normal'. Gonjeshke Darande has been linked to other cyber attacks in Iran, like the 2010 Stuxnet attack. Stuxnet was a computer virus that damaged or destroyed the centrifuges, a key component used to enrich uranium, at Iran's uranium enrichment facilities in Natanz, one of the facilities targeted in the recent missile fire from Israel. US media reports believe Stuxnet was carried out by Israel with support from the United States, who built the program. It's also believed that Israel's Defence Forces Unit 8200 was involved in the attack, according to Reuters. Gonjeshke Darande has also taken credit for other cyber attacks against Iran, such as the 2022 attack on Iran's steel plants and the 2023 attack on gas stations. At the time of the steel plant cyber attacks, Gonjeshke Darande released on social media what they called 'top secret documents and tens of thousands of emails' from Iran's three leading companies to show how the firms were working with the Islamic Revolutionary Guard Corps, a primary branch of Iran's military. Israeli media reported people receiving fraudulent text messages claiming to come from the Israeli Defence Forces (IDF) Home Front Command that warned of attacks onbomb shelters. The messages from OREFAlert were identified as fake by the Israeli authorities, who claim pro-Iranian groups are behind it as a way to sow panic during the operation against the Iranian military, called Operation Rising Lion. Another fake message circulated that said fuel supplies would be suspended for 24 hours, according to the Jerusalem Post. Ron Meyran, the VP of Cyber Threat Intelligence at US-based cybersecurity firm Radware, told the newspaper that there was a 700 per cent increase in cyberattacks against Israel in the first two days of the conflict with Iran, which comes from cyber retaliation from Iranian state actors. Those actions include infiltration attempts targeting critical infrastructure, data theft and malware distribution, Meyran added. Euronews Next reached out to Radware to independently confirm these numbers but did not hear back at the time of publication. A report from Radware says it expects Iran to make use of 'its well-developed network of fake social media personas to shape perceptions of the conflict.' 'During this crisis, observers have seen pro-Iran bot accounts amplifying hashtags about alleged Israeli atrocities and portraying Iran's actions as defensive,' the report said. The bots 'frequently pose as ordinary citizens to make the messaging more persuasive,' it added. Radware also noted in its report that at least 60 of the 100 hacktivist groups that have sprung up since the start of the conflict last week are pro-Iran and are either from the Middle East or Asia. These groups have launched 30 denial of service (DDos) attacks per day against Israel that disrupt normal traffic to a website, Radware found. Some of these groups have also threatened cyber attacks against the United Kingdom and the United States if leadership there decides to 'join the war against Iran'. Iran has a 'considerable number' of state-sponsored threat groups that have targeted Israel in the past, like Muddy Water, APT35 (OilRig), APT35 (Charming Kitten) and APT39 (Remix Kitten), the Radware report continued. These groups, with the help of Iran's Islamic Revolutionary Guard Corps, have targeted Israeli infrastructure, conducted malware campaigns and cyberespionage according to local media. These cyber attacks increased following the start of the conflict between Israel and Hamas in Gaza in 2023, according to a 2024 report by Microsoft. A SpaceX rocket being tested in Texas exploded Wednesday night, sending a dramatic fireball high into the sky. The company said the Starship 'experienced a major anomaly' at about 11 pm local time while on the test stand preparing for the tenth flight test at Starbase, SpaceX's launch site at the southern tip of Texas. 'A safety clear area around the site was maintained throughout the operation and all personnel are safe and accounted for,' SpaceX said in a statement on the social platform X. Elon Musk's company SpaceX said there were no hazards to nearby communities. It asked people not to try to approach the site. The company said it is working with local officials to respond to the explosion.
AU Financial Review
a day ago
- Politics
- AU Financial Review
US reportedly preparing for possible weekend Iran strike
The conflict between Israel and Iran has spilled over into the digital world. On Tuesday, a pro-Israel hacking group claimed responsibility for a disruptive cyberattack against a major Iranian bank, and Iran's state-run IRIB News reported that Israel had launched a full-scale cyberattack on the country's critical infrastructure. Then on Wednesday, the pro-Israel hackers announced a new breach targeting an Iranian crypto exchange. Predatory Sparrow's claims that it hacked Iran's Bank Sepah and Iranian crypto exchange Nobitex are the latest manifestation of that digital tit-for-tat. And on Thursday, there were reports that the state-run TV was hacked.
See - Sada Elbalad
2 days ago
- Business
- See - Sada Elbalad
Cyberattack Hits Major Iranian Banks
Taarek Refaat Two of Iran's largest financial institutions Bank Sepah and Bank Pasargad were hit by a cyberattack that disrupted their operations, according to government spokeswoman Fatemeh Mohajerani. In a statement on Wednesday, Mohajerani confirmed the cyber intrusion and acknowledged resulting issues, including a sharp rise in demand for cash. 'We have witnessed an increase in demand for banknotes, and this problem in providing cash will be resolved soon,' she said. The attack also affected internet connectivity, as authorities implemented bandwidth restrictions to mitigate further breaches. 'The internet disruption is due to the occasional need to reduce network speed to counter cyberattacks,' Mohajerani explained. While Iran maintains a so-called 'national internet' infrastructure, Mohajerani emphasized that no shift to the closed domestic network would occur unless the situation escalates. 'As long as there is a non-emergency situation, the transition to the national internet will not take place,' she stated. The source of the attack has not been publicly disclosed, and both banks have yet to comment directly on the scope of the disruption. The incident comes amid heightened geopolitical tensions and follows a recent escalation in cyber and physical attacks involving Iranian infrastructure. read more CBE: Deposits in Local Currency Hit EGP 5.25 Trillion Morocco Plans to Spend $1 Billion to Mitigate Drought Effect Gov't Approves Final Version of State Ownership Policy Document Egypt's Economy Expected to Grow 5% by the end of 2022/23- Minister Qatar Agrees to Supply Germany with LNG for 15 Years Business Oil Prices Descend amid Anticipation of Additional US Strategic Petroleum Reserves Business Suez Canal Records $704 Million, Historically Highest Monthly Revenue Business Egypt's Stock Exchange Earns EGP 4.9 Billion on Tuesday Business Wheat delivery season commences on April 15 News China Launches Largest Ever Aircraft Carrier Sports Former Al Zamalek Player Ibrahim Shika Passes away after Long Battle with Cancer Lifestyle Get to Know 2025 Eid Al Adha Prayer Times in Egypt Business Fear & Greed Index Plummets to Lowest Level Ever Recorded amid Global Trade War Arts & Culture Zahi Hawass: Claims of Columns Beneath the Pyramid of Khafre Are Lies News Flights suspended at Port Sudan Airport after Drone Attacks Videos & Features Video: Trending Lifestyle TikToker Valeria Márquez Shot Dead during Live Stream News Shell Unveils Cost-Cutting, LNG Growth Plan Technology 50-Year Soviet Spacecraft 'Kosmos 482' Crashes into Indian Ocean News 3 Killed in Shooting Attack in Thailand
CNA
2 days ago
- Business
- CNA
Iran crypto exchange hit by hackers, $90 million destroyed
An anti-Iranian hacking group with possible ties to Israel announced an attack on one of Iran's largest cryptocurrency exchanges on Wednesday, destroying nearly $90 million and threatening to expose the platform's source code. A group known as Gonjeshke Darande, or 'Predatory Sparrow,' claimed the attack, making it the group's second operation in two days. On Tuesday the group claimed to have destroyed data at Iran's state-owned Bank Sepah amid the increasing hostilities and missile attacks between Israel and Iran. Wednesday's attack targeted Nobitex, one of Iran's largest cryptocurrency exchanges. The platform allegedly helps the Iranian government avoid sanctions and finance illicit operations around the world, the hackers claimed in a message posted to its social media channels early Wednesday. Nobitex's website was unavailable Wednesday. Messages sent to the company's support channel on Telegram were not returned. Gonjeshke Darande did not respond to requests for comment. Nobitex said in a post on X that it had pulled its website and app offline as it reviewed 'unauthorized access' to its systems. Gonjeshke Darande is an established hacking group with a history of sophisticated cyberattacks targeting Iran. A 2021 operation claimed by the group caused widespread gas station outages, while a 2022 attack targeting an Iranian steel mill caused a large fire and tangible, offline damage. Israel has never formally acknowledged that it is behind the group, although Israeli media has widely reported Gonjeshke Darande as 'Israel-linked.' Wednesday's attack started in the early hours of the morning when funds were moved to hacker-controlled wallets denouncing the Islamic Revolutionary Guard Corps (IRGC), according to blockchain analysis firm TRM Labs, which pegged the total theft at about $90 million across multiple types of cryptocurrencies. The way the hacker-controlled wallets were created suggests the hackers would not be able to access the stolen money, meaning that the hackers 'effectively burned the funds in order to send Nobitex a political message,' blockchain analysis firm Elliptic said in a blog post. Elliptic's post shared evidence that Nobitex had sent and received funds to cryptocurrency wallets controlled by groups hostile to Israel, including Palestinian Islamic Jihad, Hamas and Yemen's Houthis. Senators Elizabeth Warren and Angus King had raised concerns about Nobitex's role in enabling Iranian sanctions evasion in a May 2024 letter to top Biden administration officials, citing Reuters' reporting from 2022. Andrew Fierman, head of national security intelligence with Chainalysis, confirmed in an email to Reuters that the value of the attack was roughly $90 million and that it was likely geopolitically motivated, given that the money was burned. Chainalysis has 'previously seen IRGC-affiliated ransomware actors leveraging Nobitex to cash out proceeds, and other IRGC proxy groups leveraging the platform,' Fierman said.
