Nobitex, the largest cryptocurrency exchange in Iran, confirmed a major security breach this Wednesday after hackers infiltrated its infrastructure and drained funds from its hot wallet. The attack has forced the platform to suspend all services, leaving its website and mobile application offline indefinitely as investigations proceed.
Massive Asset Theft and Digital Sabotage
Public records indicate that the attackers successfully siphoned at least $90 million in assets through a series of unauthorized transactions. Unlike typical cyber-heists aimed at laundering money, blockchain analytics firm Elliptic reports that the perpetrators “burned” the stolen funds. By transferring the cryptocurrency into inaccessible wallets, the hackers have effectively removed the liquidity from circulation.
The breach represents a significant blow to the platform, which serves over 10 million customers, according to archived data from the exchange.
Predatory Sparrow Claims Responsibility
The pro-Israel hacking collective known as Predatory Sparrow, or “Gonjeshke Darande,” has claimed credit for the operation. In a statement posted on X, the group justified the attack by alleging that Nobitex facilitates terrorism financing for the Iranian regime and assists in the evasion of international sanctions.
This incident follows a coordinated cyber-offensive by the same group just 24 hours prior, which targeted Iran’s Bank Sepah and caused widespread ATM outages throughout the country.
Cyber Warfare Amid Military Conflict
These digital strikes occur against the backdrop of escalating direct military tensions between Israel and Iran. While the origins of Predatory Sparrow—which surfaced in 2021—remain opaque, the group has a history of launching destructive cyberattacks against Iranian entities, consistently demonstrating alignment with Israeli strategic interests.
Iranian state media outlet IRIB reported on Tuesday that the country is facing a “massive cyber war” initiated by Israel, aimed specifically at crippling critical digital infrastructure and disrupting essential public services.