Korbit holds an education session on AML for its employees

While the crypto markets have not been immune to geopolitical developments, the sector in Iran experienced a more direct effect last week with a politically motivated $90 million exchange hack, prompting the authorities to introduce an exchange curfew. Blockchain analytics firm Chainalysis outlined on X on June 18 that Nobitex, Iran’s largest cryptocurrency exchange, had been hacked, with crypto assets to the value of $90 million having been drained from exchange-controlled wallets.Photo by Engin Akyurt on PexelsWeaponizing blockchain technologyThe hack had the hallmark of a politically-motivated attack given that rather than the digital assets being stolen, they were sent to vanity addresses, customized blockchain addresses involving user-defined sequences of characters. The vanity addresses contained “politically charged messages” and in sending the funds to them, the funds were effectively burned as they’re now permanently inaccessible.  The firm stated:”This incident highlights how crypto exploits aren’t always financially motivated. Bad actors can weaponize blockchain technology for geopolitical messaging, turning hacks into ideological statements rather than profit-driven crimes.” Pro-Israel hacker group Gonjeshke Darande, also known as “Predatory Sparrow,” appears to have carried out the hack, given that on June 18, it outlined on X that it would release Nobitex’s source code together with other internal information related to the firm’s internal network, while confirming that it had conducted cyberattacks against the company. The group made the following assertion:”The Nobitex exchange is at the heart of the [Iranian] regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool.” Rafe Pilling, director of threat intelligence at Sophos, a British cybersecurity company, told The Guardian that Predatory Sparrow “bears all the hallmarks of a false persona used by a government-sponsored threat group to conduct disruptive operations against targets” linked to the Iranian government. While Nobitex is estimated to have seven million users, an Open Source Intelligence (OSINT)-based investigation carried out in 2024 linked relatives of Ali Khamenei, Iran’s supreme leader, and other Iranian establishment figures to the crypto exchange. Minimizing systemic riskThe cyber attack has prompted a response from the Iranian government. In a blog post, Chainalysis outlined that the Central Bank of Iran has instructed all domestic crypto exchange platforms to curtail their service hours to between 10 a.m. and 8 p.m. The company speculated that this measure could be motivated by a desire to impose a higher level of oversight and control over the local crypto sector. However, it also suggested that it may be part of an attempt by the Iranian authorities to manage and minimize systemic risk. In recent years, Iran has been subject to extensive international sanctions applied by various entities including the United States, the European Union and the United Nations. Those sanctions have had a significant impact upon the country’s economy, triggering high inflation and currency devaluation.  With that, crypto has been increasingly viewed by the authorities as a means to circumvent sanctions. Last December, the Iranian authorities appeared to be working towards regulating crypto, embracing the asset class in acknowledgement of its growing importance to the Iranian economy. In February, Chainalysis reported that sanctioned entities worldwide had received $15.8 billion in crypto transactions in 2024.

India tightens control with 3,000 police officials trained in crypto investigationsAs the crypto sector continues to develop, authorities continue to get to grips with the new crypto innovation, with India’s law enforcement being the latest entity to look to clamp down.Photo by Naveed Ahmed on UnsplashCrypto forensics and investigation trainingAccording to the Ministry of Home Affairs (MHA) annual report, a comprehensive training initiative was undertaken during the financial year 2022–2023. The initiative, spearheaded by the Narcotics Control Bureau and the Indian Cyber Crime Coordination Centre (I4C), equipped over 2,900 officials with essential skills in cryptocurrency forensics and investigation.Under the aegis of the Narcotics Control Bureau, India’s central law enforcement and intelligence agency, 141 officers underwent specialized training in the investigation of darknet activities, cryptocurrencies and other pertinent areas such as digital footprints.The report stated that workshops were set up that covered techniques for gathering intelligence and evidence from open sources and social media platforms, reflecting a commitment to staying ahead in the ever-evolving landscape of cybercrime.There’s clearly a need for this level of expertise, given an uptick in crypto-related scams in India and the broader Asia region as a whole in recent times. Earlier this week, it emerged that the Indian authorities had arrested eight individuals in relation to a $300 million cryptocurrency scam.Raj Kapoor, the founder of the India Blockchain Alliance (IBA), recently called for greater control when it comes to crypto-related illicit financing. Kapoor stated:”It is a kick on the backside for most governments. All regulatory bodies will take a closer look at crypto regulation. Governments will need to start implementing new rules and regulations.”I4C played a pivotal role in training over 2,800 cyber police officials. The training encompassed crypto forensics, investigations and emerging technologies like anonymization networks. The focus extended to addressing the misuse of mobile applications in the cyberspace realm.Ongoing blockchain tech adoptionAs India proactively prepares to combat potential crypto-related crimes amidst increased adoption, the nation is also delving into mainstream blockchain applications. In a recent stride towards digital transformation, Hindustan Petroleum (HPCL), the state-run oil and gas company, partnered with blockchain software firm Zupple Labs. Together, they launched a blockchain system designed to automate the verification of purchase orders (POs).HPCL’s spokesperson outlined the significance of this implementation to Cointelegraph, stating that the integration helps automate the verification of HPCL POs to external parties, utilizing the blockchain system alongside HPCL’s internal e-PO. This generates tamper-evident, verifiable POs, enhancing efficiency and transparency within industry processes.In a separate development, it emerged on Thursday that India’s Central Bureau of Investigation has appointed Singapore-headquartered digital asset market intelligence outfit Liminal to manage seized digital assets.This holistic approach, combining advancements in law enforcement training and embracing blockchain applications, underscores India’s commitment to navigating the evolving landscape of digital technologies while looking to ensure a secure and transparent future.

South Korean cryptocurrency exchange Flybit, which is operated by the Korean Fintech Industry Association, has passed the post-audit for its Information Security and Privacy Management System certification (ISMS-P), according to local news website News1 on Wednesday (KST).Photo by FlyD on UnsplashRigorous certification standardsThe ISMS-P is a security management system jointly operated by South Korea’s Ministry of Science and ICT and the Personal Information Protection Commission, representing the highest level of security management in the country. It combines 80 requirements for Information Security Management System (ISMS) certification and 22 requirements for Personal Information Management System (PIMS) certification, totaling 102 requirements that must be met. Once obtained, certification is valid for three years, and annual post-audits are required to maintain its validity. Flybit’s commitment to security"Cryptocurrency exchanges are businesses that manage customers' valuable assets. All Flybit members approach their work by recognizing the fact that the protection of personal information is our most important value,” the exchange said. "We will continually strive to maintain security accidents since the establishment of the exchange." Flybit first obtained the ISMS certification in December 2020 and the ISMS-P certification two years later in December 2022. The most recent ISMS-P follow-up audit was conducted last month. After a thorough examination, the results of the audit were delivered by the Korea Internet and Security Agency (KISA) on Dec. 12, which stated that the exchange could maintain its certification. In October last year, the firm also received the highest rating in the comprehensive anti-money laundering (AML) evaluation conducted annually by the Financial Intelligence Unit (FIU) under the Financial Services Commission.