Iranian cryptocurrency exchange Nobitex has recently experienced a significant security breach, resulting in a loss of more than $48 million. The breach targeted the exchange’s hot wallets, with the company confirming the attack in a post on June 18. Nobitex stated that its technical team detected unauthorized access to a portion of its reporting infrastructure and hot wallet, leading to the immediate suspension of all access while internal security teams investigate the extent of the incident.
The funds that were drained from Nobitex were in Tether’s USDT via the Tron network, as reported by blockchain analyst ZachXBT. Despite the hack, Nobitex has reassured its users that funds in its cold wallet are safe and has promised to reimburse any damages incurred. The company has taken its website and mobile app offline as the investigation continues.
A group known as Gonjeshke Darande, or “Predatory Sparrow,” has claimed responsibility for the hack. This group, described as “Israel-linked” by Reuters and the Israel Times, has a history of targeting Iranian infrastructure. However, there has been no official confirmation of state sponsorship. In a public message on social media, the group accused Nobitex of aiding Iran’s military operations and facilitating users in circumventing global sanctions.
The group alleged that Nobitex is involved in financing terrorism globally and violating sanctions, claiming that the exchange is a favorite tool for the Iranian regime. They also accused Nobitex of providing instructions on bypassing sanctions and suggested that employment at the exchange qualifies as military service under Iranian law. As a threat, the group warned that Nobitex’s source code and internal data would be released within 24 hours, putting any remaining assets on the platform at risk.
Predatory Sparrow has previously claimed responsibility for cyberattacks on other Iranian institutions, including Bank Sepah, citing similar reasons. The breach at Nobitex comes amid escalating tensions between Israel and Iran, with recent missile exchanges between the two countries.
In conclusion, the security breach at Nobitex highlights the ongoing challenges faced by cryptocurrency exchanges in safeguarding user funds and data. The incident serves as a reminder of the importance of robust security measures and proactive risk management in the crypto industry.