Nobitex Gradually Recovers from Devastating Hack
Iran’s largest crypto exchange, Nobitex, is gradually restarting its services after it was struck by a politically motivated hack early in the month. The exchange was hacked by pro-Israel hacking collective Gonjeshke Darande, which stole $100 million and brought operations to a grinding halt.
Verified Users Get First Access
In an official release, Nobitex said that wallet access shall be provided only to those users who have completed identity verification, with priority for those trading on the spot exchange. The withdrawal services shall be resumed on June 30, while other operations like trading and deposits have been resumed in phases, without any timeline.
The exchange warned users not to deposit funds to their old wallet addresses due to a system migration. “Old addresses are no longer valid,” Nobitex alerted. “Depositing to old addresses can result in loss of funds.”
Hack Driven by Political Tensions
The assault, which occurred on June 18, was alleged to be politically motivated while Iran-Israel tensions persisted. Gonjeshke Darande, a pro-Israel hacking group, claimed responsibility, burning $90 million worth of stolen crypto and releasing Nobitex’s source code.
Blockchain analytics firm Chainalysis characterized Nobitex as the center of Iran’s cryptocurrency ecosystem, with $11 billion in inflows—far more than all other Iranian exchanges combined. Chainalysis also linked Nobitex to sanctioned entities and other malicious actors.
Iranian Government Imposes Restrictions
The Iranian government then placed new operating restrictions on domestic cryptocurrency exchanges, limiting their hours of operation to between 10 am and 8 pm daily.
Surge in State-Sponsored Cyberattacks
Nobitex’s hack is also part of a broader wave of politically driven cyberattacks in 2025. State-sponsored North Korean hackers are responsible for nearly 70% of the year’s crypto-based attacks, including the massive $1.5 billion Bybit hack in February.
South Korean intelligence recently warned that these actors are now using AI tools like ChatGPT to refine their cyber warfare, further increasing risks in the digital asset ecosystem.
