Iranian crypto exchange Nobitex has restored operations after a $100 million hack by a pro-Israel-affiliated hacker group. The attack was the most serious politically motivated hack in the history of the crypto industry.
Follow- up on Nobitex Security Incident, Step-by-step wallet access has begun, 29 June 2025
Please note:
1. This process is being carried out gradually, starting with verified users and initially for spot wallets, followed by other types of wallets.
2. The identity…
— Nobitex | نوبیتکس (@nobitexmarket) June 29, 2025
On June 18, hackers from the Gonjeshke Darande group broke into the system of Nobitex, Iran’s largest crypto exchange, and stole $100 million in assets. The attackers burned $90 million in stolen funds and posted the platform’s entire source code publicly.
Source: X/GonjeshkeDarand
The Nobitex hack was a prime example of how geopolitical conflicts are being extended into the digital space. The pro-Israel group Gonjeshke Darande said it attacked the exchange because of its ties to the Iranian government and its funding of “malicious actors.”
Analytics platform Chainalysis confirmed these accusations in its report. According to the company, Nobitex plays a key role in Iran’s crypto infrastructure, with $11 billion transacted through the exchange, exceeding the combined turnover of the next ten largest Iranian exchanges ($7.5 billion).
Source: Chainalysis
Chainalysis’s blockchain analysis also revealed the platform’s ties to sanctioned entities.
Source: Chainalysis
Almost two weeks after the attack, Nobitex announced the start of a phased restoration of services. On June 30, the exchange plans to resume withdrawals, but only for verified users. Priority will be given to clients who carried out spot trading.
The platform warned users to avoid depositing to old wallets, as this could result in the loss of funds. “Due to the migration of the wallet system, previous addresses are no longer valid and any deposits to them may result in loss of funds,” the exchange said in a statement.
Trading and deposits will be launched gradually, but no specific timeline was given. Iranian authorities have tightened control over domestic crypto exchanges: they can now only operate from 10 a.m. to 8 p.m.
The year 2025 has seen a sharp increase in cyberattacks on crypto platforms. North Korean state-backed hackers are at the forefront of this trend. According to a Friday report, North Korean groups responsible for the $1.5 billion Bybit hack in February have caused nearly 70 percent of all losses from exploits this year.
South Korean officials also said North Korean hacking groups have begun using artificial intelligence tools, including ChatGPT, to steal cryptocurrencies.
eToro: Best platform for beginners and social trading
- Trade cryptocurrencies, stocks, ETFs, and commodities on one easy-to-use platform
- Follow and copy top-performing traders with eToro’s unique social trading tools
- Earn passive income with staking on popular coins like ETH, ADA, and TRX
- Fully regulated in multiple jurisdictions with strong security protocols
- 0% commission on real stock trading and competitive spreads on crypto
- 30+ million registered users across 100+ countries
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment and you should not expect to be protected if something goes wrong.
Source:: Largest Iranian Exchange Resumes Operations After Hack