Iranian Gunboats Open Fire on Oil Tanker After Crypto Scam for Strait of Hormuz Passage

Iranian Gunboats Fire on Tanker Linked to Crypto Scam for Strait of Hormuz Passage

A distress call from the oil tanker Sanmar Herald has exposed a dangerous new threat in the Strait of Hormuz: cryptocurrency scams enabling armed attacks. The vessel, under fire from Iranian Revolutionary Guard Corps (IRGC) gunboats, believed it had secured safe passage via a fraudulent crypto transaction.

The incident, documented by OSINTtechnical and reported by the UK Maritime Trade Operations (UKMTO) in Warning 037-26, began when two IRGC gunboats approached the tanker 20 nautical miles northeast of Oman. According to the UKMTO report, the gunboats opened fire without issuing a VHF challenge. The tanker and its crew were later confirmed safe, though authorities launched an investigation.

Radio Transmission Captures Attack

The attack was preceded by a frantic radio exchange between the Sanmar Herald and the IRGC Navy:

Sanmar Herald: “Sepah Navy, Sepah Navy, this is Motor Vessel, Sanmar Herald. You gave me clearance to go. My name, second name on your list. You gave me clearance to go. You are firing now. Let me turn back.”

Crypto Scam Enables Armed Assault

The Sanmar Herald’s ordeal appears tied to a cryptocurrency scam targeting shipowners navigating the Strait of Hormuz. Greek maritime risk firm MARISKS warned clients that unknown actors, claiming to represent Iranian authorities, demanded transit fees in Bitcoin (BTC) or Tether (USDT) for safe passage.

According to MARISKS, at least one vessel that came under gunfire on April 18 while attempting to exit the strait was believed to have fallen for the fraud. Reuters noted it could not independently verify which firms received the fraudulent messages.

How the Scam Worked

The fraudulent scheme outlined a multi-step process:

• Shipowners received messages claiming to be from “Iranian Security Services.”
• They were instructed to pay a fee in BTC or USDT for transit authorization.
• Once payment was made, vessels were allegedly granted “unimpeded” passage at a “pre-agreed time.”

The scam exploited recent reports that Iran had begun accepting cryptocurrency for ship clearances, turning a critical chokepoint into a high-stakes arena where digital fraud and geopolitical control intersect.

Geopolitical Risks in the Strait of Hormuz

The Strait of Hormuz, a 21-mile-wide waterway connecting the Persian Gulf to the Gulf of Oman, handles nearly 20% of the world’s oil supply. Recent tensions have seen Iran demand payments in cryptocurrency for ship clearances, adding a new layer of complexity to an already volatile region.

This incident underscores the risks faced by commercial vessels operating in militarized zones where authorization is no longer guaranteed by traditional maritime law, but by unstable digital transactions and shifting political demands.

Investigation and Unanswered Questions

While the attack and crypto scam are well-documented, key details remain unclear:

• The direct payment trail linking the Sanmar Herald to the crypto scam has not been publicly verified.
• Reuters could not confirm which shipping firms received the fraudulent messages.
• Authorities have not disclosed whether the Sanmar Herald made any cryptocurrency payments.

Despite these gaps, the overlap between the documented attack and the documented scam is too significant to ignore, raising serious concerns about the future of maritime security in the region.