Key Takeaways:
- Iran-based exchange Nobitex lost over $81 million in a hack exploiting vanity addresses on Tron and EVM-compatible blockchains.
- A pro-Israel hacker group claimed responsibility, threatening to leak Nobitex’s internal files and source code.
- Nobitex confirmed unauthorized access to hot wallets but assured full compensation via insurance and internal funds.
Iranian cryptocurrency exchange Nobitex has been hacked, losing over $81 million in digital assets.
The breach was exposed by onchain analyst ZachXBT, who revealed that funds were stolen across the Tron and Ethereum-compatible blockchains using customized “vanity addresses.”
Follow-up on Nobitex Security Incident — June 18, 2025
— Nobitex | نوبیتکس (@nobitexmarket) June 18, 2025
As previously announced, on the morning of Wednesday, June 18, Nobitex detected unauthorized access to part of its infrastructure — specifically affecting internal communication systems and a segment of the hot wallet…
One such address, containing an anti-Iran message, alone siphoned nearly $49 million.
Nobitex confirmed that its hot wallets experienced unauthorized access and were immediately suspended.
The exchange assured users that cold storage remains secure and that all losses will be covered using its insurance fund and internal resources.
Hakan Unal, senior security lead at Cyvers, said the exploit stemmed from a critical failure in access controls, allowing attackers to infiltrate internal systems.
Surprisingly, the stolen assets remain unmoved.
After the IRGC’s “Bank Sepah” comes the turn of Nobitex
— Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025
WARNING!
In 24 hours, we will release Nobitex's source code and internal information from their internal network.
Any assets that remain there after that point will be at risk!
The Nobitex exchange is at the heart of the… pic.twitter.com/GFyBCPCFIE
A pro-Israel hacker group, Gonjeshke Darande, claimed responsibility for the attack.
The group threatened to release Nobitex’s source code and internal data, warning that remaining assets were still at risk.
They accused Nobitex of helping Iran evade sanctions and financing terrorism, even claiming that employment at Nobitex counts as military service in Iran.
The hack comes amid escalating tensions between Israel and Iran, following Israeli airstrikes and ongoing missile exchanges, which have caused hundreds of casualties.
About The Author
Efe Bravo, a seasoned journalist, delivers compelling insights into the cryptocurrency and blockchain industry.
His articles offer a deep dive into the latest trends, projects, and technological advancements shaping the future of digital finance.
Check Efe out on:
