Iran's largest cryptocurrency exchange Nobitex suffered a major security breach that drained approximately $82 million from its digital wallets, with an Israeli-linked hacking group claiming responsibility for the attack.

Predatory Sparrow Hackers Hit Iran With $82M Crypto Heist

The group known as Gonjeshke Darande, which translates to "Predatory Sparrow," announced the hack on social media platform X, warning they would release the exchange's source code and internal documents within 24 hours. The hackers used provocative wallet addresses containing anti-Iranian messaging to move the stolen funds across multiple blockchain networks.

Blockchain investigator ZachXBT first spotted the suspicious transactions, tracking $81.7 million in outflows across Tron, Bitcoin, Dogecoin and Ethereum-compatible networks. The stolen cryptocurrency was funneled through addresses including "TKFuckiRGCTerroristsNoBiTEXy2r7mNX" on the Tron network and "0xffFFfFFffFFffFfFffFFfFfFFFFDead" on Ethereum chains.

According to hackers, Iran has increasingly relied on cryptocurrency exchanges like Nobitex to circumvent international sanctions imposed over its nuclear program and support for regional militant groups. The country's central bank has authorized several domestic exchanges to facilitate crypto trading as an alternative to traditional banking channels blocked by Western sanctions.

Exchange Response and Damage Control

Nobitex confirmed the security incident in a statement posted to X, saying its technical team "detected signs of unauthorized access to a portion of our reporting infrastructure and hot wallet." The exchange immediately suspended all operations and took its website and mobile applications offline while investigating the breach.

"Users' assets are completely secure according to cold storage standards, and the above incident only affected a portion of the assets in hot wallets," Nobitex stated. The company promised that "all damages will be compensated through the insurance fund and Nobitex resources."

Escalating Cyber Warfare

The attack comes just one day after the same hacking group claimed responsibility for a cyberattack on Iran's state-owned Bank Sepah, which is controlled by the Islamic Revolutionary Guard Corps. That incident disrupted banking services and ATM networks across Iran, affecting millions of customers who were unable to access their accounts or receive government salaries.

Gonjeshke Darande accused Nobitex of serving as a key component in Iran's sanctions evasion efforts, calling it "at the heart of the regime's efforts to finance terror worldwide." The group claimed that working at Nobitex is considered equivalent to military service due to its importance to Iran's financial infrastructure.

"The Nobitex exchange is at the heart of the regime's efforts to finance terror worldwide, as well as being the regime's favorite sanctions violation tool," the hackers wrote in their social media post.

Geopolitical Context

The timing of both cyberattacks coincides with escalating military tensions between Israel and Iran. Israel launched multiple strikes on Iranian targets earlier this week, marking the largest attack on Iran since the Iran-Iraq War in the 1980s. The two countries have since engaged in tit-for-tat missile strikes that have resulted in hundreds of casualties.

Cybersecurity experts say the Nobitex hack appears to stem from compromised access controls that allowed attackers to infiltrate internal systems across multiple blockchain networks. Despite the massive theft, security firm Cyvers noted that the stolen funds have not yet been moved or converted to other cryptocurrencies.

“Our system has detected multiple suspicious transactions across several networks,” Cyvers commented.

The breach adds to a growing list of cryptocurrency exchange hacks in 2025, with more than $2.1 billion in digital assets stolen so far this year according to blockchain security firm CertiK. However, this incident stands out due to its apparent geopolitical motivations rather than purely financial ones.

Source: Finance Magnates