Crypto scammers are exploiting the volatile situation near the Strait of Hormuz, where numerous ships remain stranded. Reports indicate that at least one vessel, which encountered Iranian gunfire, may have been deceived into believing it had paid for safe passage to navigate the region.
The warning about these crypto scams originated from MARISKS, a Greek maritime risk management firm, on April 20. The company informed shipowners that impostors posing as Iranian officials have been sending fraudulent messages demanding “transit fees” in cryptocurrencies such as bitcoin or tether. This tactic capitalizes on the complexities surrounding Iran’s control over the Strait of Hormuz—a critical maritime passage through which a significant portion of the world’s oil and liquefied natural gas is transported.
Iran’s recent maneuvers include demanding cryptocurrency payments from oil tankers to allow their transit. Ships are required to navigate in proximity to Iran’s coast for inspections, a process that adds layers of risk and confusion for shipping companies. The situation is further complicated by the fact that roughly 2,000 vessels and about 20,000 mariners are currently stranded near this vital waterway.
MARISKS noted that a vessel reportedly tried to pass through the Strait on April 18, a time when Iranian authorities had announced that ships could undergo inspections. However, this ship soon retreated after coming under fire from Iranian military forces. Separately, on April 22, the Liberia-flagged cargo ship Epaminondas faced a similar scenario. This ship, owned by Technomar and operated by MSC, had reportedly been granted permission to transit the strait before the incident occurred. Investigations are underway to determine if the communication that authorized its passage was indeed legitimate or another fraudulent attempt.
The incidents illustrate a concerning trend in which shipping companies are becoming unintended targets of crypto scams amid geopolitical tensions. Viewed through the MITRE ATT&CK framework, several adversary tactics could be relevant to understanding how these scammers operate. Initial access to victims may be facilitated through phishing, enabling adversaries to manipulate communication channels effectively. The scammers may also employ techniques associated with credential dumping to enhance their deceptive methods and assert authority.
Given the complexities of maritime operations and the economic implications of disruptions in this vital shipping route, it is crucial for stakeholders to remain vigilant against such cyber threats. As the situation evolves, understanding the intersection of maritime security and cybersecurity practices will be increasingly vital for those involved in global shipping and logistics.