DUBAI, United Arab Emirates (AP) — Hackers with potential hyperlinks to Israel have drained greater than $90 million from Nobitex, Iran’s largest cryptocurrency exchange, based on blockchain analytics companies.
The group that claimed accountability for the hack leaked on Thursday what it stated was the corporate’s full supply code. “ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN,” the group wrote on its Telegram account.
The stolen funds have been transferred to addresses bearing messages that criticized Iran’s Revolutionary Guard, Blockchain analytics agency Elliptic wrote in a weblog put up. It stated the assault doubtless was not financially motivated because the wallets the hackers had poured the cash into “successfully burned the funds to be able to ship Nobitex a political message.”
The hackers group, Gonjeshke Darande — “Predatory Sparrow” in Farsi — accused Nobitex of getting helped Iran’s authorities to evade Western sanctions over the nation’s quickly advancing nuclear program and switch cash to militants, in a put up on X claiming the assault.
Nobitex appeared to have confirmed the assault. Its app and web site have been down because it assessed “unauthorized entry” to its techniques, it stated in a put up on X.
The theft spanned a variety of cryptocurrencies, together with Bitcoin, Ethereum, Dogecoin and extra, stated head of nationwide safety intelligence at Chainalysis Andrew Fierman. The breach is “notably vital given the comparatively modest dimension of Iran’s cryptocurrency market,” he added.
The hack seems to be motivated by escalating tensions in the Israel-Iran conflict, which broke out final week when Israel struck Iran’s nuclear sites and military officials, drawing Tehran’s response with barrages of missiles. It got here after the group stated it had destroyed information in a cyberattack towards Iran’s state-controlled Financial institution Sepah on Tuesday.
Elliptic stated that family of Iran’s Supreme Leader Ali Khamenei have been linked to the exchange and that sanctioned Revolutionary Guard operatives had used Nobitex. It shared proof that the exchange had despatched and acquired funds from cryptocurrency wallets managed by Iranian allies together with Yemen’s Houthis and Hamas.
Gonjeshke Darande has beforehand claimed accountability for different high-level cyberattacks towards Iran, together with a 2021 operation that paralyzed fuel stations and a 2022 effort towards a metal mill that sparked a big hearth.
Israeli media have extensively reported that Gonjeshke Darande is linked to Israel however the nation’s authorities has by no means formally acknowledged ties to the group.
U.S. Senators Elizabeth Warren and Angus King final yr raised considerations about Iran’s use of cryptocurrencies to evade sanctions.
Copyright 2025 The Related Press. All rights reserved. This materials is probably not printed, broadcast, rewritten or redistributed with out permission.
