Iranian crypto exchange Nobitex partially restarts amid scrutiny following hack

Iran’s largest cryptocurrency exchange, Nobitex, has resumed operations, little over a week after it was targeted by a politically motivated cyberattack that resulted in the loss of $100 million in digital assets. Nobitex has begun restoring wallet access in phases, operators of the exchange said in a June 29 post on X. The process is being rolled out gradually, starting with verified users and prioritising spot wallet services. Access to other wallet types will follow as the system stabilises. According to the announcement, only users who complete identity verification will be allowed to access their wallets. Once user data is confirmed, wallet balances will be displayed in phases. In the meantime, Nobitex has alerted users that delays may occur due to additional security checks and technical conditions, urging users to be patient during the verification period. Users will be allowed to withdraw their holdings starting June 30, with other services such as trading and deposits expected to be restored gradually. However, a fixed timeline for the full return of operations was not disclosed. Nobitex also warned users against depositing assets to old wallet addresses due to a complete migration of its wallet system, noting that doing so may result in the permanent loss of funds. Nobitex hack saw $100 million drained and burned On June 18, Nobitex suffered a major breach when pro-Israel hacking group Gonjeshke Darande, also known as Predatory Sparrow, infiltrated its hot wallets and siphoned off $100 million in cryptocurrencies, including Bitcoin, Ethereum, Dogecoin, Ripple, Solana, and Ton. According to the attackers, the hack was intended to disrupt the Iranian regime’s financial infrastructure. The hackers used vanity wallet addresses embedded with anti-government slogans and later announced that they had burned over $90 million worth of the stolen assets by transferring them to unrecoverable wallets. In a further escalation, the group leaked what it claimed was Nobitex’s full source code and internal infrastructure data. The eight-part leak included server configurations, privacy modules, and deployment systems, raising additional concerns about the platform’s security and the exposure of remaining user funds. Nobitex later confirmed that its cold storage reserves were untouched and subsequently pledged to fully compensate affected users using its insurance fund and internal reserves. Aftermath of the hack In response to the incident, Iranian authorities imposed operational restrictions on all domestic cryptocurrency exchanges, limiting their activity to between 10 am and 8 pm. The Central Bank of Iran implemented the curfew as a measure to reduce systemic risk and to tighten oversight in a sector it views as critical amid ongoing international sanctions. According to data from blockchain analytics firm Chainalysis, Nobitex plays an outsized role in Iran’s crypto economy, having processed over $11 billion in inflows, more than all other Iranian exchanges combined. The exchange has also been linked to wallets associated with sanctioned entities, including IRGC-affiliated groups, Hamas-aligned media, and blacklisted Russian exchanges. Further scrutiny followed an investigation by blockchain intelligence firm Global Ledger, which uncovered patterns of suspicious fund movements predating the recent attack. These included the use of peelchains, one-use wallets, and systematic balance sweeps, techniques often associated with money laundering and transaction obfuscation. The probe also found that Nobitex’s so-called “rescue wallet,” deployed after the breach, had been active for months prior, conducting gradual transfers of large sums. Investigators concluded that these methods indicated deliberate efforts to obscure fund flows, raising questions about the exchange’s operational transparency and potential links to illicit finance. The post Iranian crypto exchange Nobitex partially restarts amid scrutiny following hack appeared first on Invezz

Source: Invezz