Iran’s largest cryptocurrency platform, Nobitex, has been hacked by an activist group linked to Israel, known as Gonjeshke Darande (Predatory Sparrow). The attackers reportedly stole over $90 million in crypto, though updated estimates place the stolen amount at around $82 million.
Threatened After Earlier Bank Attack
The hackers posted online:
“After Bank Sepah, it was Nobitex’s turn,”
referring to their previous day’s attack on Iran’s state-owned Bank Sepah.
They threatened to release Nobitex’s internal data and source code within 24 hours, warning that any remaining funds on the platform are “at risk.”
The group accused Nobitex of being part of Iran’s terror-financing network, claiming it helped Iran bypass international sanctions through crypto transactions. They also labeled the platform as a tool of the regime.
Vanity Addresses Used to Burn Funds
Interestingly, the hack does not appear to be financially motivated.
The stolen crypto was sent to “vanity addresses” special addresses with custom names like:
- “1FuckiRGCTerroristsNoBiTEXXX…”
- “DFuckiRGCTerroristsNoBiTEXXX…”
These addresses are nearly impossible to create unless you plan to burn the funds forever.
That means the hackers likely didn’t keep the money, but instead destroyed it as a political message.
It’s still unclear how exactly the attackers broke into Nobitex.
Cybersecurity firm Elliptic confirmed the hack but noted the tools and vulnerabilities used in the breach have not yet been identified.
Nobitex Faces Crisis of Trust
While Nobitex confirmed the attack in a statement, it did not confirm the stolen amount.
With the threat of a source code leak, the exchange is now facing not just financial damage but a severe credibility crisis.
Users who haven’t yet withdrawn their funds could still be at risk, the hackers warned.
