Friday, August 22, 2025

Pro-Israel Hackers Drain $90M From Iran’s Largest Crypto Exchange

A sophisticated Israeli-linked hacking group drained more than $90 million from Iran’s largest cryptocurrency exchange in what appears to be a state-sponsored cyberattack targeting the country’s sanctions-evasion infrastructure, as the two nations entered their sixth day of direct military conflict.

The group known as Predatory Sparrow, or Gonjeshke Darande in Persian, claimed responsibility Wednesday for the devastating hack of Nobitex, which has served as a critical financial lifeline for Iran under heavy international sanctions. The hackers accused Nobitex of being “at the heart of the regime’s efforts to finance terror worldwide” and serving as Iran’s “favorite sanctions violation tool.”

Blockchain analysis firm Elliptic confirmed that over $90 million was sent from Nobitex hot wallets to hacker-controlled addresses, using provocative wallet names containing anti-Iranian messaging. The stolen funds were moved across multiple blockchain, including Bitcoin, Ethereum, Tron, and Dogecoin.

The attack represents a dramatic escalation in the cyber dimension of the Israel-Iran conflict, which erupted Friday when Israel launched unprecedented strikes on Iranian nuclear facilities. The strikes killed over 200 Iranian civilians and targeted key atomic sites, including the Natanz nuclear facility, prompting Iranian retaliation with ballistic missiles targeting Israeli cities.

Predatory Sparrow is believed to be linked to Israeli Military Intelligence and has previously claimed responsibility for cyberattacks that forced Iranian steel companies to halt production and paralyzed gas stations across the country. Anonymous US defense officials have told media outlets that previous operations targeting Iranian gas stations were carried out by Israel.

Research by multiple blockchain intelligence firms has documented Nobitex’s central role in helping Iran circumvent international sanctions. Reuters reported that nearly $8 billion flowed between Nobitex and cryptocurrency exchange Binance from 2018 to 2022, with Nobitex offering guidance on its website for skirting sanctions.

Open source investigations have identified relatives of Supreme Leader Ali Khamenei and IRGC-linked business partners as connected to Nobitex, while the exchange has facilitated transactions with sanctioned operatives accused of ransomware operations. Analysis shows the platform has processed transactions with Hamas, Palestinian Islamic Jihad, and Houthi-affiliated networks.

The Nobitex hack came one day after Predatory Sparrow claimed responsibility for disrupting Iran’s state-owned Bank Sepah, which serves the Islamic Revolutionary Guard Corps. The banking attack allegedly “destroyed all data” and left customers unable to access accounts or receive government salaries.

The group warned it would release Nobitex’s source code and internal documents within 24 hours, claiming that working at the exchange “is considered equivalent to military service due to its importance to Iran’s financial infrastructure.”

The cyber assault occurred as President Donald Trump weighs whether to authorize US military strikes on Iran’s deeply buried Fordow nuclear facility, which only American bunker-busting weapons could effectively destroy. The Israeli attacks began the day after expiration of a two-month US deadline for Iran to reach a nuclear deal.

Nobitex confirmed the security breach and promised full compensation to affected users through insurance funds. The exchange said the majority of user assets remained secure in cold storage systems offline.



Information for this story was found via the sources and companies mentioned. The author has no securities or affiliations related to the organizations discussed. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.

Video Articles

A Medical Breakthrough the Market Overlooked | David Elsley – Cardiol Therapeutics

Why Grade Beats Size in Silver Mining | Frank Basa – Nord Precious Metals

Are Investors Missing the Start of the Next Commodity Supercycle? | Morgan Lekstrom – NexMetals

Recommended

Emerita Resources Expands El Cura Drill Program By 10,000 Metres As Deposit Remains Open For Expansion

ESGold Signs MOU For Tailings Project In Colombia With Grades Up To 42 g/t Gold, 280 g/t Silver

Related News

FBI Probes Leaked Iran Damage Report as Trump Disputes Findings

It appears Defense Secretary Pete Hegseth now hates leaks. On Wednesday, he said the FBI...

Thursday, June 26, 2025, 11:35:00 AM

Iran’s Oil Exports Plummet as Israel-Iran Conflict Escalates

Recent data from S&P Global Commodities at Sea reveals a significant drop in Iran’s crude...

Thursday, October 10, 2024, 07:59:40 AM

Where Will Canada Side on the Iran-Israel War?

When the G7, currently chaired by Canada, wrapped its summit in Banff, the communiqué on...

Sunday, June 22, 2025, 09:00:00 AM

Oil Jumps Amid Reports of Iran Preparing for Retaliation

Crude oil markets experienced a sharp upswing in late trading Thursday as intelligence reports emerged...

Friday, November 1, 2024, 08:01:35 AM

US Investigates Major Telecom Hack Linked to Chinese Intelligence

A major cybersecurity breach linked to the Chinese government has compromised the networks of several...

Monday, October 7, 2024, 10:17:53 AM