Iran's largest cryptocurrency exchange Nobitex recently confirmed that it suffered a severe cyber attack earlier this month, with losses amounting to $100 million. As the impact of the incident gradually emerges, the platform is slowly resuming services and currently only allows users who have completed identity verification to re-access their accounts.
Nobitex announced yesterday via social platform X that it has initiated a limited service recovery process, giving priority to spot trading users for platform functions, but all users must complete identity verification before they can operate their account funds.
Users are warned not to use old wallet addresses
As the platform gradually restores access rights, Nobitex specifically reminds users not to transfer to old wallet addresses. The company points out that as system migration is currently underway, old addresses will be completely abandoned, and depositing assets to these addresses may result in permanent loss of funds.
Although recovery efforts are progressing, withdrawal, deposit, and trading services are still suspended. Nobitex had previously planned to restore some withdrawal functions today, but also admitted that the actual timing may be adjusted based on the progress of the recovery.
The hacker attack is suspected to be related to the Iran-Israel conflict
The attack was claimed by a pro-Israel hacker group calling themselves "Gonjeshke Darande (Predatory Sparrow)". They have publicly claimed responsibility for the attack, stating it was a political retaliation against the Iranian government.
It is alleged that the group not only stole platform assets but also **"destroyed" about $90 million worth of cryptocurrency** and released what they claim to be the complete source code of Nobitex. They accuse Nobitex of having ties with the Iranian government, allegedly providing financial support to malicious actors.
Nobitex denies government background, hacker motives attract attention
In response to these claims, Nobitex CEO Amir Rad publicly denied any connection with the government, emphasizing that Nobitex is a private company. He also added that, according to the company's internal investigation, the attack may have been assisted by the Israeli government, having a clear geopolitical motive.
The report by blockchain data analytics firm Chainalysis also indicated that Nobitex had suspicious transactions with several entities under international sanctions, including ransomware gangs related to the Iranian Islamic Revolutionary Guard Corps and sanctioned Russian cryptocurrency platforms.
Despite ongoing controversies, Nobitex stated it will continue to cooperate with investigations and promises to gradually restore all platform functions while ensuring system security. This incident also highlights the escalating cybersecurity risks faced by cryptocurrency platforms against the backdrop of tense international politics.
