Crypto News: Nobitex Exchange Fallout Grows With Full Code Leak After $100M Heist

In breaking crypto news this week, a pro-Israel hacktivist group has plunged Iran’s digital asset market into turmoil.

On June 18, Nobitex – the country’s largest cryptocurrency exchange – suffered a major crypto hack that drained an estimated \$90–100 million from its hot wallets.

According to blockchain analytics, the stolen coins, in Bitcoin, Ethereum, Dogecoin, XRP, Solana, Tron and others, were sent to attacker-controlled “burner” addresses with no private keys, effectively destroying the funds as a political statement.

Within 24 hours, the hackers made good on a threat: they published Nobitex’s entire source code online, exposing critical system files and configurations.

Israeli Hackers Drains Nobitex

Crypto news by The Coin Republic yesterday, Nobitex confirmed an unauthorized intrusion in its infrastructure and hot-wallet system.

The exchange shut down its website and mobile app and halted all services to contain the breach. Crypto researchers quickly traced at least $90 million in outflows to cryptocurrency addresses controlled by the hackers.

Elliptic and Chainalysis – leading blockchain forensics firms – say those addresses were “vanity” burner wallets containing anti-IRGC slogans like “F*ckIRGCterrorists”.

Predatory Sparrow, Gonjeshke Darande– a group widely reported as tied to Israeli interests – claimed responsibility. In a post on X (Twitter), they accused Nobitex of financing terrorism and evading sanctions.

The group warned Nobitex users to empty their accounts, saying all remaining assets would be at risk after 24 hours.

This hack came a day after the same group struck Iran’s Bank Sepah, signaling a pattern of politically motivated cyber strikes in the Israel–Iran conflict.

Hackers Burn Crypto, Leak Source Code

Rather than cashing out, the attackers “burned” the crypto to make a statement. Funds were sent to specially crafted addresses for which no keys exist.

Elliptic’s Tom Robinson said cracking those keys would take “billions of years” with today’s computers. The majority of coins – including a reported $55 million in stablecoins – remain locked in those inaccessible wallets.

True to their warning, on June 19 crypto news hit the headlines that the hackers released Nobitex’s full source code and internal documents to the public.

An X (Twitter) post blared, “Time’s up – full source code linked below. ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN.”

The leaked data includes server lists, configuration files, and a zip file of Nobitex’s backend code. Security experts warn the disclosure could reveal new vulnerabilities and further endanger any unsecured funds on the exchange.

Nobitex has kept its platform offline since the breach. In a follow-up post on June 19, the company said the incident “only affected a portion of assets held in hot wallets” and that most customer funds were safe in cold storage.

The exchange pledged to cover all losses from its insurance reserve and to compensate users in full. Chainalysis crypto news reports that Nobitex has been moving large amounts of Bitcoin into new offline cold wallets to bolster security.

By Thursday, Nobitex officials were telling users the situation was “under control”. Access remains suspended, but the firm says it will restore service when it can ensure safety.

The company noted that nationwide internet disruptions have slowed recovery efforts. Notably, Nobitex has more than 10 million users and handled over $11 billion in inflows – far more than all other Iranian exchanges combined.

Iran Imposes Crypto Curfew

The hack has also spooked regulators. Crypto news reports emerged that Iranian authorities ordered all domestic crypto platforms to cut back hours, limiting trading to between 10:00 AM and 8:00 PM.

Chainalysis intel said the central bank enacted this crypto curfew immediately after the Nobitex exploit.

Cybersecurity analysts say the Nobitex hack fits a pattern of destructive state-grade attacks. Sophos threat intelligence chief Rafe Pilling noted the Predatory Sparrow group’s methods “bear all the hallmarks of a false persona used by a government-sponsored group”.

He said the group’s focus on Iranian military and financial targets aligns strongly with Israeli strategic priorities, though direct attribution remains unconfirmed.

Elliptic analysts, who tracked the blockchain flows, believe no regular criminal would burn $90M outright; this was a symbolic strike.

Meanwhile, global internet monitors report that Iran is throttling network traffic to guard against further crypto hacks and security breaches.