Unlock the Secrets of Ethical Hacking!
Ready to dive into the world of offensive security? This course gives you the Black Hat hacker’s perspective, teaching you attack techniques to defend against malicious activity. Learn to hack Android and Windows systems, create undetectable malware and ransomware, and even master spoofing techniques. Start your first hack in just one hour!
Enroll now and gain industry-standard knowledge: Enroll Now!
Key Notes
- Investigators revealed the use of vanity addresses for the exploit, with one address stealing $49 million initially.
- Nobitex confirmed the “security incident,” claiming that only hot wallet assets were affected and user funds in cold storage remained safe.
- The pro-Israel hacker group Gonjeshke Darande, or Predatory Sparrow, claimed responsibility for the attack, accusing Nobitex of aiding Iran in evading sanctions.
Nobitex, an Iran-based crypto exchange, lost a massive $82 million in crypto following a recent attack allegedly by Israeli attackers. Blockchain investigator ZachXBT disclosed details of this attack, noting that the attackers drained this massive sum by stealing assets across the Tron Network and other Ethereum Virtual Machine (EVM)-compatible blockchains.
According to @zachxbt, the pro-Israel hacker group Gonjeshke Darande attacked the Iranian crypto exchange #Nobitex and stole $82M in assets.
Including
55M $USDT,
39.41M $DOGE ($6.72M)
255.65 B $PEPE ($2.61M)
18.47 $BTC ($1.94M)
…Source:https://t.co/efpjFCKytI
Attacker… pic.twitter.com/y21WIuf9kG
— Lookonchain (@lookonchain) June 18, 2025
The blockchain investigator also noted that attackers have been leveraging a “vanity address” in order to exploit the protocol, which led to “suspicious outflows” from several wallets linked to Nobitex. A vanity address is a customized public wallet address featuring a specific, user-defined sequence of characters.
Moreover, the attackers stole the initial $49 million by using the vanity address “TKFuckiRGCTerroristsNoBiTEXy2r7mNX”. However, data from Tronscan also shows that the second address involved in the exploit was “0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead.”
Iranian Crypto Exchange Nobitex Assures Funds Are SAFU
Iranian crypto exchange Nobitex acknowledged the “security incident,” stating that losses were confined to “a portion of hot wallet assets,” with user funds reportedly secure in cold storage.
Earlier today, the exchange announced that it had detected unauthorized access to its reporting infrastructure and hot wallet. In a post on X, Nobitex confirmed it had promptly suspended access and reassured users that their assets remained safe. Nobitex noted:
“Immediately upon detection, all access was suspended, and our internal security teams are closely investigating the extent of the incident. We would like to remind you that users’ assets are completely secure, adhering to cold storage standards. The above incident only affected a portion of the assets in hot wallets. However, the platform hasn’t publicly revealed specifics about the stolen assets or the alleged perpetrators.”
Who Is Behind the Hack?
The hacker group Gonjeshke Darande, also known as Predatory Sparrow and allegedly linked to pro-Israel interests, has claimed responsibility for the Nobitex crypto hack.
In a post on their X account, they stated, “We, ‘Gonjeshke Darande,’ conducted cyberattacks against Nobitex.”
پس از بانک سپه، نوبت Nobitex شد
هشدار!در 24 ساعت آینده، کد منبع نوبیتکس و اطلاعات داخلی از شبکه داخلی آن را منتشر خواهیم کرد.
هر دارایی که پس از آن در آنجا باقی بماند در معرض خطر خواهد بود!صرافی نوبیتکس در قلب تلاش های رژیم برای تامین مالی ترور در سراسر جهان قرار دارد.
این… pic.twitter.com/IXoFrQBlAK— Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025
Additionally, the hackers also accused Nobitex of assisting the Iranian regime in evading sanctions, while alleging that the Iranian crypto exchange played a critical role in supporting the government’s financial and military activities.
The attackers issued a warning, threatening to release Nobitex’s internal source code and data within 24 hours while cautioning users that any assets still on the platform after the deadline would be at risk.
next
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.
Unlock the Secrets of Ethical Hacking!
Ready to dive into the world of offensive security? This course gives you the Black Hat hacker’s perspective, teaching you attack techniques to defend against malicious activity. Learn to hack Android and Windows systems, create undetectable malware and ransomware, and even master spoofing techniques. Start your first hack in just one hour!
Enroll now and gain industry-standard knowledge: Enroll Now!
0 Comments