According to CoinDesk’s April 22 report, Marisks, a maritime risk services firm in Greece, issued a warning saying scammers are impersonating Iranian authorities and sending messages to multiple shipping companies to demand Bitcoin or USDT as “tolls” to pass through the Strait of Hormuz. Marisks confirmed that the relevant messages are not coming from official Iranian channels, and, according to Reuters, said it believes at least one ship was deceived and still came under shelling when it attempted to pass over the weekend.
Marisks Warns: Original Scam Message vs. Verification Statement
According to the scam message posted publicly by Marisks, the message’s original text states: “After submitting the documents and having our eligibility assessed by Iran’s security departments, we will determine the fee that must be paid in cryptocurrency (BTC or USDT). At that time, your vessel may pass through the strait freely during the agreed time.”
In its statement, Marisks said, “These specific messages are a scam,” and confirmed the content is not from any official Iranian channel. According to Reuters, Marisks believes that after at least one ship paid following deception, it was still shelled when it tried to pass through the Strait of Hormuz.
Strait of Hormuz Background: Blockade Situation and Iran’s Official Crypto Fee Proposal
According to public reports, since the war between the United States and Israel against Iran began on February 28, 2026, Iran has essentially blocked shipping through the Strait of Hormuz, and currently about 20,000 tankers and cargo ships are stuck in the bay. About a week ago, U.S. President Trump ordered a naval blockade of the Strait of Hormuz and has already seized an Iranian vessel that attempted to evade the blockade.
On April 9, 2026, Hamid Hosseini (a spokesperson for the Federation of Petroleum, Natural Gas, and Petrochemical Products Exporters), said that Iran had previously proposed charging vessels transiting through the strait a crypto toll, with the fee possibly calculated in Bitcoin. As of the time of CoinDesk’s report, Iran had not yet responded to the Marisks scam warning.
Frequently Asked Questions
Who issued the warning about the crypto toll scam for the Strait of Hormuz?
According to CoinDesk’s April 22, 2026 report, the warning was issued by Marisks, a maritime risk services firm in Greece. Marisks confirmed the scam messages are not from official Iranian channels and indicated it believes that at least one ship was deceived and shelled when it attempted to pass through the strait.
What cryptocurrencies did the scam message request, and what did it claim the funds were for?
According to the scam message published by Marisks, the scammers requested Bitcoin (BTC) or USDT, claiming that paying would ensure safe passage through the Strait of Hormuz.
Did Iran officially propose charging transiting vessels crypto fees?
According to public reports, on April 9, 2026, Hamid Hosseini, a spokesperson for the Federation of Petroleum, Natural Gas, and Petrochemical Products Exporters, said Iran had proposed charging crypto tolls, with the fee possibly calculated in Bitcoin; however, the scam messages warned about by Marisks have already been confirmed as not coming from official Iranian channels.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Misty 23pds Alert: Lazarus Group releases a new macOS toolkit targeting cryptocurrencies
Misty’s Chief Information Security Officer 23pds issued an alert on April 22, stating that the North Korean hacking group Lazarus Group has released a new native macOS malware toolkit called “Mach-O Man,”专a专专专專專專 specialized in the cryptocurrency industry and high-value enterprise executives.
MarketWhisper42m ago
Justin Sun Sues World Liberty Financial Over Frozen WLFI Tokens and Governance Rights
Gate News message, April 22 — Justin Sun has filed a lawsuit in California federal court against World Liberty Financial (WLF), a DeFi project backed by Eric Trump and Donald Trump Jr., alleging that the team froze all his WLFI holdings, removed his voting rights, and threatened to permanently burn
GateNews2h ago
Venus Protocol 攻擊者轉移 2301 枚 ETH,流入 Tornado Cash 清洗
According to the on-chain analyst Ai Auntie’s monitoring on April 22, the Venus Protocol attacker transferred 2,301 ETH (about $5.32 million) to address 0xa21…23A7f 11 hours ago, then moved the funds in batches into the crypto mixer Tornado Cash for laundering; as of the time of monitoring, the attacker still held about $17.45 million worth of ETH on-chain.
MarketWhisper2h ago
CometBFT zero-day vulnerability exposed, $8.0 billion Cosmos network nodes face a risk of permanent lockup
Security researcher Doyeon Park disclosed on April 21 that there is a high-severity zero-day vulnerability rated CVSS 7.1 in the Cosmos consensus layer CometBFT. It could allow a malicious peer node to attack nodes during the block synchronization (BlockSync) stage and cause them to deadlock, impacting a network that safeguards more than $8 billion in assets.
MarketWhisper2h ago
North Korean Lazarus Group Releases New Mach-O Man macOS Malware Targeting Crypto
Summary: Lazarus Group released a native macOS malware toolkit named Mach-O Man, aimed at crypto platforms and high-value executives; SlowMist warns users to exercise caution against attacks.
Abstract: The article reports that the Lazarus Group has unveiled Mach-O Man, a macOS-native malware toolkit aimed at cryptocurrency platforms and high-value executives. SlowMist warns users to exercise caution to mitigate potential attacks.
GateNews3h ago
RHEA Finance Security Incident Update: About a $400k shortfall remains, with a commitment to fully compensate it
RHEA Finance has released a follow-up update regarding the security incident on April 16, confirming that there has been tangible progress in recovering assets. As of this update, it is estimated that there is still an approximately $400k funding gap, mainly due to the combination of NEAR, USDT, and USDC in the lending market liquidity pool. RHEA Finance has committed to fully cover any remaining shortfall to ensure that all affected users receive full compensation.
MarketWhisper3h ago
