Key Takeaways
- Iran’s largest crypto exchange, Nobitex, was hit by a cyberattack compromising its hot wallet and reporting infrastructure.
- Hackers, identified as Predatory Sparrow, claimed responsibility, threatening to reveal source code and user data.
Nobitex, Iran’s largest crypto exchange, appeared to have suffered a major security breach on Wednesday, resulting in over $48 million in losses, according to blockchain sleuth ZachXBT.
After the incident surfaced, Gonjeshke Darande, also known as Predatory Sparrow, a pro-Israel hacktivist group, claimed they were behind the attack.
The hackers accused Nobitex of helping the Iranian regime bypass sanctions and claimed the Iranian government used the platform as part of its financial and military infrastructure.
The group said it would release Nobitex’s internal source code and data within 24 hours, warning users that any assets left on the platform after that time would be at risk.
After the IRGC’s “Bank Sepah” comes the turn of Nobitex
WARNING!In 24 hours, we will release Nobitex’s source code and internal information from their internal network.
Any assets that remain there after that point will be at risk!The Nobitex exchange is at the heart of the… pic.twitter.com/GFyBCPCFIE
— Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025
In a statement on X, Nobitex said it acknowledged a “security issue” and is investigating, though it has not commented on the group’s claims or confirmed the extent of the data compromise.
“Our technical team detected signs of unauthorized access to a portion of our reporting infrastructure and hot wallet. Immediately upon detection, all access was suspended, and our internal security teams are closely investigating the extent of the incident,” said Nobitex in a statement on X.
The exchange assured users that most assets remain secure in cold storage, saying “users’ assets are completely secure according to cold storage standards, and the above incident only affected a portion of the assets in hot wallets.”
Nobitex has temporarily suspended its website and app operations while investigating the incident.
“Nobitex accepts full responsibility for this incident and assures users that all damages will be compensated through the insurance fund and Nobitex resources,” the exchange stated.
Yesterday, the Predatory Sparrow group also claimed responsibility for a major cyberattack on Iran’s state-owned Bank Sepah, which is controlled by the Islamic Revolutionary Guard Corps (IRGC).
They claimed to have destroyed data at the bank, accusing it of helping to fund Iran’s military and terrorist activities.
This is a developing story. We’ll update as we learn more.
Source: https://cryptobriefing.com/nobitex-cyberattack-iran-exchange/