Amid escalating tensions tied to the Israel-Iran conflict, Nobitex—Iran’s largest cryptocurrency exchange—has suffered a major security breach resulting in the loss of approximately $82 million in digital assets.
But in Nobitex’s latest update at the time of writing, the amount of stolen assets is estimated around $100 million instead.
The attack, allegedly carried out by Israeli-affiliated hackers, was first detailed by blockchain investigator ZachXBT, who traced the stolen funds across the Tron network and various Ethereum Virtual Machine (EVM)-compatible blockchains.
According to ZachXBT, the attackers drained around $81.7 million by targeting wallets connected to Nobitex users, prior to Nobitex's latest update
A key element of the exploit involved the use of a “vanity address”—a customised wallet address with a recognisable sequence of characters.
The primary vanity address used in the initial $49 million theft was provocatively named “TKFuckiRGCTerroristsNoBiTEXy2r7mNX,” signalling a politically charged motive.
A second wallet involved in the hack, recorded on Tronscan, bore the conspicuous address “0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead.”
ZachXBT also highlighted suspicious outflows from multiple wallets linked to Nobitex, suggesting a coordinated effort to exploit vulnerabilities across blockchain ecosystems.
Nobitex has confirmed a “security incident,” clarifying that the losses were limited to a portion of its hot wallet assets, while user funds held in cold storage remain secure.
Earlier today, Nobitex disclosed that it detected unauthorised access to both its reporting infrastructure and hot wallet.
In a statement posted on X (formerly known as Twitter), the exchange emphasized that it promptly suspended all access to contain the breach and reassured users that their assets are safe.
Nobitex noted:
“Immediately upon detection, all access was suspended, and our internal security teams are closely investigating the extent of the incident. We would like to remind you that users’ assets are completely secure, adhering to cold storage standards. The above incident only affected a portion of the assets in hot wallets. However, the platform hasn’t publicly revealed specifics about the stolen assets or the alleged perpetrators.”
The hacker group Gonjeshke Darande, also known as Predatory Sparrow and reportedly aligned with pro-Israel interests, has claimed responsibility for the recent breach of Iranian crypto exchange Nobitex.
In a post on their X account, they stated:
“We, ‘Gonjeshke Darande,’ conducted cyberattacks against Nobitex.”
In a pointed statement, the group accused Nobitex of facilitating Iran’s efforts to evade international sanctions, alleging that the platform played a critical role in supporting the regime’s financial and military operations.
The timing of the attack is particularly striking, given Iran’s recent attempts to de-escalate tensions with Israel.
Adding to the pressure, the hackers issued a stark ultimatum: they plan to release Nobitex’s internal source code and sensitive data within 24 hours.
They also warned users that any assets still held on the platform after that window would be exposed and at risk.
They added:
“These cyberattacks are the result of Nobitex being a key regime tool for financing terrorism and violating sanctions. Associating with regime terror financing and sanction violation infrastructure puts your assets at risk. Take action before it’s too late.”
The incident not only underscores the intensifying overlap between cyber warfare and geopolitics but also raises urgent questions about the security and neutrality of crypto platforms in conflict-driven environments.
Senator Cynthia Lummis has reintroduced the BITCOIN Act in the 119th Congress, unveiling revisions to the groundbreaking bill alongside new co-sponsors.
CatherineTrump’s return has fuelled a pardon frenzy, with figures like Sam Bankman-Fried claiming victimhood and Ekim Alptekin offering Biden-related intel for clemency. Is this justice or a competition of influence?
KikyoFormer Meta employees and executives claim the company's no-rehire list unfairly targets skilled veterans for trivial reasons, making return nearly impossible. Meta, however, denies these allegations, stating the list is not influenced by personal grudges or arbitrary decisions.
CatherineOn March 13, 2025, AB DAO announced that AB has been officially listed on BitMart (bitmart.com). Next, AB will soon be listed on Lbank (lbank.com) and Biconomy (biconomy.com), further enhancing global liquidity and ecosystem influence.
AlexAleksej Besciokov, Garantex's lead technical administrator, was arrested in India while vacationing in Kerala. Allegedly tied to illicit finance, he now faces US extradition pending legal proceedings.
CatherineOnchain data shows a trader lost $733,000 in USDC for just $19,000 in USDT due to a sandwich attack, sparking money laundering suspicions.
KikyoMGX invested $2 billion in Binance, marking the crypto exchange’s first institutional deal, and the investment was made entirely in stablecoins. This deal strengthens Binance’s presence in the UAE, positioning the country as a growing hub for digital assets and blockchain technology.
JoyRecent advancements in AI and robotics have sped up the commercialization of robots, especially in industrial settings. Google's announcement follows Figure AI's exit from its collaboration with OpenAI, after achieving an internal breakthrough in AI for robots.
CatherineThe Lazarus hacking group has been linked to six malicious npm packages designed to steal credentials and cryptocurrency data. These fake packages, downloaded over 330 times, target developers and crypto users by disguising as legitimate software.
WeatherlyTikTok's update introduces a first-of-its-kind mindfulness tool, enforcing digital well-being for users under 16. But will it foster relaxation or fuel rebellion?
Kikyo