TLDR
- Nobitex lost approximately $90 million in the attack.
- Over 7 million users are served by Nobitex.
- Nobitex is enhancing security protocols post-attack.
Iranian cryptocurrency exchange Nobitex resumed operations following a significant hack on its platform. The cyberattack, attributed to pro-Israeli hacker group Gonjeshke Darande, led to losses worth approximately $90 million in digital assets.
Nobitex serves over 7 million users and has experienced more than $11 billion in inflows, making the attack one of the most notable within Iran’s crypto industry. The incident underscores ongoing cybersecurity challenges facing exchanges operating in geopolitically sensitive regions.
Details of the Cyberattack
The cyberattack on Nobitex was disclosed on June 18, 2025, when the exchange reported unauthorized access to its infrastructure. The breach primarily affected Nobitex’s internal communication systems and part of its hot wallet, which holds a minority of user assets.
Despite these disruptions, Nobitex assured in a statement that users’ assets stored according to cold storage protocols remained unaffected. The exchange committed to compensating for the losses utilizing its insurance fund and internal reserves.
Response and Recovery Efforts
In a follow-up message on June 29, 2025, Nobitex expressed gratitude to its users for their patience during the restoration of services. The exchange emphasized its dedication to maintaining the integrity and security of user accounts.
Nobitex has implemented security migrations, moving its hot wallets to new addresses. This requires affected users to update their deposit addresses for future transactions. The exchange is gradually resuming services under enhanced security protocols.
Assets Affected and Market Impact
The attack impacted a variety of cryptocurrencies held in Nobitex’s hot wallet, including major assets like ETH and BTC. While exact details of additional assets compromised were not disclosed, the method of the attack suggests other standard exchange assets could be involved.
The incident also affected trading volumes and liquidity within Iran’s crypto market, highlighting the interconnected nature of exchanges and global digital asset flows. Adjustments to user deposit addresses are part of the broader market’s response to restore operational stability.
Ongoing Investigation and Security Enhancements
Investigations are ongoing to gather more information about the attack’s specifics and prevent further breaches. Nobitex has not revealed any collaboration with external entities concerning financial aid or institutional partnerships to address the breach.
The attack aligns with previous cyber incidents in the industry, such as the KuCoin hack and Ronin bridge exploit, fostering comparisons due to the scale and geopolitical implications. External comments have yet to emerge from major international authorities or financial regulators.
“The Nobitex exchange is at the heart of the regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool.”
Gonjeshke Darande| Disclaimer: The content on defiliban.com is provided for informational purposes only and should not be considered financial or investment advice. Cryptocurrency investments carry inherent risks. Please consult a qualified financial advisor before making any investment decisions. |
