{"id":3331,"date":"2025-06-19T05:03:07","date_gmt":"2025-06-19T05:03:07","guid":{"rendered":"https:\/\/bitunikey.com\/news\/over-90m-stolen-from-irans-nobitex-exchange-burnt-by-pro-israel-hacker-group\/"},"modified":"2025-06-19T05:03:08","modified_gmt":"2025-06-19T05:03:08","slug":"over-90m-stolen-from-irans-nobitex-exchange-burnt-by-pro-israel-hacker-group","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/over-90m-stolen-from-irans-nobitex-exchange-burnt-by-pro-israel-hacker-group\/","title":{"rendered":"Over $90M stolen from Iran\u2019s Nobitex exchange burnt by pro-Israel hacker group"},"content":{"rendered":"

<\/p>\n

\n

After breaching Iran\u2019s largest crypto exchange, the pro-Israel hacker group Gonjeshke Darande claimed to have destroyed more than $90 million in digital assets taken from Nobitex\u2019s wallets.<\/p>\n

In a June 18 update<\/a> via X, the group said it had burned the funds across multiple blockchains using \u201cvanity addresses\u201d that contain no recoverable private keys, effectively rendering the assets permanently inaccessible.<\/p>\n

This follows the high-profile exploit of Nobitex, in which over $90 million in Bitcoin (BTC), Ethereum (ETH), Dogecoin (DOGE), and other tokens were drained from hot wallets. The attackers had originally framed the breach as a direct response to Nobitex\u2019s alleged role in helping the Iranian regime circumvent sanctions and fund terrorism.\u00a0<\/p>\n

\n
\n
\n

12 hours ago
8 burn addresses burned $90M from the wallets of the regime’s favorite sanctions violation tool, Nobitex.<\/p>\n

12 hours from now
The source-code of Nobitex will be open to the public, and Nobitex\u2019s walled garden will be without walls. Where do you want your assets to be?\u2026<\/p>\n

\u2014 Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

The group, also known as Predatory Sparrow, tied the hack to ongoing military and cyber tensions between Iran and Israel, which intensified following Israeli airstrikes on Tehran\u2019s nuclear sites days earlier. Blockchain security platforms like Chainalysis quickly confirmed that the stolen assets had not been transferred to mixers or exchanges, but rather to irretrievable addresses with inflammatory labels.\u00a0<\/p>\n

<\/p>\n

Some of the addresses included phrases like \u201cFuckIRGCTerroristsNoBiTEX,\u201d targeting Iran\u2019s Islamic Revolutionary Guard Corps. One Bitcoin wallet used in the attack is provably unspendable due to its invalid checksum. On Ethereum, tokens were sent to the \u201c0x\u2026dead\u201d burn address commonly used to retire supply permanently.<\/p>\n

In response, Nobitex issued a fresh statement acknowledging the burn. The exchange said that user assets are safe in cold storage and that the situation is now under control. Nobitex clarified that as a precaution, its staff had also emptied hot wallets. It reiterated that no customer funds would be lost, citing its reserve fund and insurance pool.<\/p>\n

\n
\n
\n

Nobitex Announcement No. 4 \u2013 Regarding the Security Incident<\/p>\n

As part of Nobitex\u2019s ongoing response to the recent security incident, we would like to inform our users that the situation is now under control. All external access to our servers has been completely severed.<\/p>\n

If you\u2026<\/p>\n

\u2014 Nobitex | \u0646\u0648\u0628\u06cc\u062a\u06a9\u0633 (@nobitexmarket) June 18, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

The attackers have also threatened to release the source code and internal infrastructure data of Nobitex, which could worsen the situation for Iran\u2019s leading cryptocurrency platform, which has over 11 million users. Gonjeshke Darande warned that any assets left on the platform would be at risk if users did not withdraw immediately.<\/p>\n

Despite having no financial motivation, the hack has far-reaching implications. The intentional destruction of more than $90 million worth of digital currency demonstrates how state-level conflicts have turned crypto infrastructure into a new battlefield.<\/p>\n

<\/p><\/div>\n