A maritime phishing campaign is targeting commercial vessels near the Strait of Hormuz, where threat actors impersonate Iranian authorities to demand cryptocurrency payments for safe passage. The attack vector involves fraudulent messages sent directly to shipping companies requesting "transit fees" in Bitcoin or Tether, exploiting the confusion around Iran's actual enforcement actions in the region. There is no technical software vulnerability or patch; the mitigation is non-technical, requiring heightened awareness and verification procedures for all payment demands received via unverified channels.
Crypto scammers are targeting the thousands of ships stranded near the Strait of Hormuz—and at least one ship that faced Iranian gunfire may have been tricked into believing it had paid Iran for safe passage. The first warning of such a crypto scam came from the Greek maritime risk management company MARISKS on April 20, according to Reuters . The company alerted shipowners that scammers posing as Iranian authorities had sent messages to shipping companies asking for “transit fee” payments in bitcoin or tether. That may be particularly confusing for shipping companies because of how Iran has asserted control over the Strait of Hormuz—a vital shipping channel and maritime chokepoint that normally allows Persian Gulf countries to provide one-fifth of the world’s oil and liquefied natural gas supply. Iranian authorities have demanded cryptocurrency payments from oil tankers to pass through the waterway and required ships to follow a route near Iran’s coastline to undergo inspection. Read full article Comments