Iran's largest crypto exchange Nobitex was hacked, with over 48 million dollars stolen from hot wallets. A cyber-Israeli group is suspected.
The hot wallet of Nobitex, an Iranian cryptocurrency exchange, was recently compromised, leading to the theft of more than $48 million in cryptocurrencies.
The exchange announced on 18 June 2021, in a post on X, that "Someone got their hands on some crypto funds stored in our hot wallets." According to blockchain analyst ZachXBT, the stolen money was converted to USDT (Tether) via the Tron network.
"On the morning of 19 June, our technical team detected signs of unauthorised access to part of our reporting infrastructure and hot wallet. As soon as the issue was identified, all access was suspended and our internal security teams are thoroughly investigating the extent of the incident. We remind users' assets are fully secured to cold storage standards and the incident only affected a portion of the funds in the hot wallets," said Nobitex.
Despite the loss of $48 million, Nobitex assures users that the funds stored in the cold wallets are intact. Furthermore, the exchange stated that it will reimburse all affected users, who would be the only ones affected by the breach. Currently, the website and mobile app are offline while the company continues its investigation.
Nobitex is not the only entity involved: a group called 'Gonjeshke Darande' (meaning 'Predatory Sparrow') claimed responsibility for the attack. Reuters and the Israel Times claimed that the group was linked to Israel, although no evidence of state involvement was provided. According to previous reports, the same group has already struck Iranian infrastructure.
"Within 24 hours we will publish the source code and inside information of Nobitex's network. Any assets left there will be at risk! The Nobitex exchange is at the heart of the regime's efforts to finance terrorism around the world and is the regime's preferred tool for violating sanctions. We, 'Gonjeshke Darande', have been conducting cyber attacks against Nobitex," the group wrote in a post on X (formerly Twitter).
"First and foremost, you help Iran's military operations and teach them how to violate sanctions," the group continued. "You are people who perform military service under Iranian law, so Nobitex is one of the branches of the Iranian military."
The group also threatened to publish the source code and data of the exchange within 24 hours, stating that "anything left on the site will disappear and there will be no point in going back to using the exchange."
Similar accusations have also been levelled at other Iranian institutions such as Bank Sepah, which the group reports has already been hacked for the same reasons.
The attack comes amid rising tensions between Israel and Iran, with missile exchanges in the region highlighting the escalation of cyber warfare.
Eleven Drainer, a new phishing-as-a-service, is expanding its business. Despite the sophistication of the attacks, human error remains the main weakness. The defence lies in user discipline.
The hot wallet of Nobitex, an Iranian cryptocurrency exchange, was recently compromised, leading to the theft of more than $48 million in cryptocurrencies.
The exchange announced on 18 June 2021, in a post on X, that "Someone got their hands on some crypto funds stored in our hot wallets." According to blockchain analyst ZachXBT, the stolen money was converted to USDT (Tether) via the Tron network.
Despite the loss of $48 million, Nobitex assures users that the funds stored in the cold wallets are intact. Furthermore, the exchange stated that it will reimburse all affected users, who would be the only ones affected by the breach. Currently, the website and mobile app are offline while the company continues its investigation.
Nobitex is not the only entity involved: a group called 'Gonjeshke Darande' (meaning 'Predatory Sparrow') claimed responsibility for the attack. Reuters and the Israel Times claimed that the group was linked to Israel, although no evidence of state involvement was provided. According to previous reports, the same group has already struck Iranian infrastructure.
"First and foremost, you help Iran's military operations and teach them how to violate sanctions," the group continued. "You are people who perform military service under Iranian law, so Nobitex is one of the branches of the Iranian military."
The group also threatened to publish the source code and data of the exchange within 24 hours, stating that "anything left on the site will disappear and there will be no point in going back to using the exchange."
Similar accusations have also been levelled at other Iranian institutions such as Bank Sepah, which the group reports has already been hacked for the same reasons.
The attack comes amid rising tensions between Israel and Iran, with missile exchanges in the region highlighting the escalation of cyber warfare.
Read Next
32 Million Upbit Hack: Token Solana to Stars on the Korean Market!
Upbit suspends deposits and withdrawals after a hacker attack that embezzled 32 million in Solana tokens, causing heavy premiums in the Korean market.
UK crypto heist: convictions and self-custody risk
A heist of more than 4.3 million in cryptocurrencies in the UK calls into question the security of self-custody and the risks of the human factor.
Crypto Clash: Beijing Blames US for LuBian's 127,000 BTC Bitcoin Exploit
China accuses Washington of 'draining' 127,000 BTC from LuBian in 2020. Researchers link the exploit to a flaw in key generation.
New Eleven Drainer attack: threat to crypto wallets
Eleven Drainer, a new phishing-as-a-service, is expanding its business. Despite the sophistication of the attacks, human error remains the main weakness. The defence lies in user discipline.