Newsletters
Iran's largest cryptocurrency exchange, Nobitex, suffered a cyberattack, reportedly resulting in the theft of approximately $81 million on Tuesday, as the company affirmed the breach reports.
The attack is claimed by a pro-Israel hacker group known as "The Predatory Sparrow."
Suspicious outflows were first identified on the Tron blockchain, with blockchain investigator ZachXBT highlighting the breach.
In a Telegram post, ZachXBT reported that the attack exploited assets totaling $81.7 million across Tron, Bitcoin, Dogecoin, and various EVM-compatible chains.
In its post on X, the Predatory Sparrow (Gonjeshke Darande) stated that the breach was part of a broader cyber campaign targeting Iranian institutions, following a cyberattack the previous day on state-owned Bank Sepah.
That attack, attributed to another group called Predatory Sparrow, reportedly destroyed data and was linked to the bank’s ties to the Islamic Revolutionary Guard Corps (IRGC).
The group accused Nobitex of circumventing international sanctions and financing terrorism through digital currencies. It threatened to release the exchange’s internal data within 24 hours.
In a statement shared on the social media platform X, Nobitex confirmed that its technical team had detected “unauthorized access to a portion of our reporting infrastructure and hot wallet.”
The exchange said all access was immediately revoked, and its internal security team has begun a detailed investigation.
Nobitex assured users that most assets remain secure, stating that “users’ assets are completely secure according to cold storage standards, and the above incident only affected a portion of the assets in hot wallets.”
As a precaution, the exchange has temporarily suspended its website and app operations.
The platform also said it accepts “full responsibility for this incident” and pledged to compensate all damages using its insurance fund and internal resources.
5 min read
