TLDR

Nobitex resumes limited services after $90M hack in June, with verified users gaining access first
Pro-Israel hacker group Gonjeshke Darande claimed responsibility, burned stolen funds and leaked source code
Exchange migrated user wallets and warns against deposits to old addresses
Nobitex dominates Iran’s crypto market with $11B in inflows versus $7.5B for next ten competitors combined
Withdrawals expected to resume June 30 with trading and deposits rolling out gradually

Iran’s largest cryptocurrency exchange Nobitex has started restoring services following a $90 million hack earlier this month. The exchange is taking a cautious approach to reopening after the attack by a pro-Israel hacker group.

Verified users can now access their accounts on the platform. However, deposit, withdrawal and trading functions remain disabled for all users currently.

The company announced withdrawals should resume by June 30. Trading and deposit services will return gradually with no specific timeline provided.

Source: Nobitex

The hack was carried out by Gonjeshke Darande, a group claiming to act in Israeli interests. The hackers destroyed $90 million worth of stolen crypto assets after the attack.

The group also released portions of Nobitex’s source code online. The full extent of the code exposure has not been disclosed by the exchange.

TRM Labs suggested information from the hack may have helped Israeli authorities arrest Iranian agents. These agents were reportedly paid through cryptocurrency channels according to the blockchain intelligence firm.

Platform Security Overhaul

Nobitex migrated all user wallets to new addresses following the breach. The exchange warned users not to deposit funds to previous wallet addresses.

“Due to the wallet system migration, previous addresses are no longer valid,” the company stated. Any deposits to old addresses could result in permanent loss of funds.

The exchange has not provided technical details about the new wallet structure. It also declined to explain exactly how the original breach occurred.

CEO Amir Rad said the company is working with cybersecurity experts on an internal investigation. The development team continues monitoring all platform activity.

Market Position and Allegations

Chainalysis data shows Nobitex processed over $11 billion in crypto inflows. The next ten largest Iranian exchanges combined reached only $7.5 billion in comparison.

The same report linked Nobitex to sanctioned Russian platforms and ransomware operators. These connections allegedly tied back to Iran’s Islamic Revolutionary Guard Corps.

CEO Rad denied any government or military connections for the company. He emphasized Nobitex operates as a private business without state ties.

“The attack was well-funded and aligned with the interests of a foreign state,” Rad said on social media. He was referring to Israel in his statement about the hack.

The hacker group claimed they targeted Nobitex due to its alleged government connections. They said the exchange funds malicious actors through its operations.

Iranian authorities have imposed new restrictions on domestic crypto exchanges since the hack. These platforms can now only operate between 10 AM and 8 PM daily.

Nobitex continues updating users through social media during the recovery process. The company is prioritizing system stability before resuming full operations.

The June attack ranks among the largest known crypto hacks targeting Iranian platforms. Service restoration will proceed gradually as security measures are implemented.

The post Nobitex Exchange Begins Recovery After $90M Hack by Pro-Israel Group appeared first on CoinCentral.

---

Filed under: News - @ June 30, 2025 9:25 am