The Iranian crypto exchange Nobitex has fallen victim to a massive cyberattack, with an estimated 100 million USD in cryptocurrencies stolen.
The pro-Israeli hacker group Gonjeshke Darande (also known as "Predatory Sparrow") claimed responsibility for the attack, stating that the stolen funds were transferred to so-called "burner addresses" to permanently remove them from circulation. This action suggests that the hack was politically motivated rather than driven by financial gain, as reported by CNN here.
Subscribe to our newsletter
The best articles of the week, directly delivered into your mailbox.
Political motives behind the attack
The hacker group stated that Nobitex served as a key tool for the Iranian government to circumvent international sanctions and fund activities considered terrorist. The stolen cryptocurrencies, including Bitcoin, Ethereum, and Dogecoin, were transferred to addresses containing publicly visible messages such as "F*ckIRGCterrorists," underlining the political intent of the attack.
Following the attack, the hacker group released the full source code of the Nobitex platform, further exposing security vulnerabilities and endangering remaining user funds. Nobitex responded by temporarily taking its website and app offline, assuring users that customer funds were protected through an internal reserve fund system. CVJ.CH was unable to independently verify this claim.
Impact on Iran and the global crypto community
The incident has not only shaken the crypto community but also led to nationwide internet and phone blackouts, as the Iranian government attempted to fend off further cyberattacks. Analysts view the attack as another escalation in the conflict between Iran and Israel. The events highlight the growing importance of cyber operations in geopolitical confrontations and the vulnerability of critical infrastructure in the digital age.
The attack on Nobitex is a prime example of how cryptocurrencies are increasingly becoming targets in geopolitical conflicts. While digital assets were originally intended to represent decentralization and independence, they are now more frequently being used as strategic tools in cyber wars. The political message from the hacker group and the deliberate destruction of assets signal a new era in which financial infrastructure is targeted to economically weaken states and intensify international tensions.
