.png)
3 hours ago
1
ARTICLE AD BOX
- Iranian exchange Nobitex has confirmed that hackers accessed a critical portion of its infrastructure.
- Pro-Israel hacker group Gonjeshke Darande has taken responsibility, claiming the exchange has assisted the current regime through sanctions evasions and terrorism financing.
Reports have suggested that the leading crypto exchange in Iran, Nobitex, may have been exploited with more than $48 million in cryptocurrencies accessed by hackers. This suspicious outflow was earlier spotted and disclosed by on-chain sleuth ZachXBT after observing that the funds were moving from multiple wallets linked to the exchange.
Confirming this report, the communication team at Nobitex hinted that they identified unauthorized access to a critical part of their infrastructure. However, the situation was reported to be under control. Meanwhile, users were asked to remain calm and be assured that they would be fully compensated.
Users’ assets are completely secure according to cold storage standards, and the above incident only affected a portion of the assets in hot wallets…Nobitex takes full responsibility for this incident and assures users that all incurred losses will be fully compensated through the insurance fund and Nobitex resources.
Further investigating where this attack could be coming from, analysts suspected that it could be linked to the escalating geopolitical tension between Iran and Israel. ZachXBT report shows that the threat actors used a “vanity address” to breach the protocol. Vanity address in this context is a public wallet address made up of a “specific, user-defined sequence of characters.”
In this particular operation, $49 million was transferred through the wallet address “TKFuckiRGCTerroristsNoBiTEXy2r7mNX.” Another amount was also transferred through “0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead,” according to Tronscan data.
Source: TronscanExperts also point out that the “IRGC” captured in the first address represents Iran’s “paramilitary force, the Islamic Revolutionary Guard Corps”. Soon after this discovery, a pro-Israel hacker group known as Gonjeshke Darande came out to claim responsibility for this attack.
Reason for the Attack on Nobitex
In an X post, Gonjeshke Darande highlighted that Nobitex plays a crucial role in the current Iranian regime. For this reason, working at the exchange is considered a valid military service.
Also, the pro-Israel hacker group accused Nobitex of being used as a tool to finance terrorism and evade sanctions.
The Nobitex exchange is at the heart of the regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool. We, “Gonjeshke Darande”, conducted cyberattacks against Nobitex. Nobitex doesn’t even pretend to abide by sanctions. In fact, it publicly instructs users on how to use its infrastructure to bypass sanctions.
Gonjeshke Darande has also assured that its actions against the exchange would not end there, as they would release the “Nobitex’s source code and internal information” obtained from their internal network. According to them, this would be done in just 24 hours; henceforth, any asset remaining there would be at risk.
The current attack adds to the long list of breaches recorded in the crypto industry this year. As noted in our earlier post, stablecoin bank Infini lost around $49 million in USDC in February after the smart contract developer’s admin access was compromised. As also mentioned in our blog post, Bybit hackers stole $1.4 billion in crypto. However, 77% of the stolen funds were still traceable.
In a recent study we reported on, this frequent development has forced the Total Value Locked (TVL) in the Decentralized Finance (DeFi) ecosystem to fall by 30% since December 2022.
The ongoing drama has also triggered a bearish wave within the crypto market, with Bitcoin taking a hit as explained in our last analysis. Meanwhile, our recent analysis also shows that geopolitical tension cannot stop crypto.
English (US)