Nobitex, Iran’s top cryptocurrency exchange, revealed that it had lost $48 million in a major security breach.
The exchange said that an unauthorised party accessed parts of its notification system and its hot wallet. Nobitex halted all services and shut down access immediately to contain the damage.
How the Attack Unfolded?
In an official statement, Nobitex said it detected the breach in its hot wallet and notification servers. The exchange moved quickly to lock down its systems and stop further transfers.
Despite the shutdown, preliminary analysis by blockchain investigator ZachXBT found that nearly $49 million had already been moved. The funds went through a series of rapid transfers to unknown addresses on the Tron network.
Group Claims Responsibility
A group calling itself Gonjeshke Darande, or Predatory Sparrow, has claimed credit for the hack. This group has been linked to earlier attacks on Iranian infrastructure.
Onchain Labs reported that Gonjeshke Darande was behind cyber strikes that disabled most of Iran’s gas stations and targeted Bank Sepah. These operations appeared to be part of a broader campaign against Iran’s digital networks amid rising tensions with Israel.
Impact on Users and Services
Nobitex reassured users that assets stored in cold wallets remain safe. The exchange said it will cover all losses from its insurance fund and its own resources.
Despite this promise, all trading and withdrawal functions are on hold while investigators assess the full scope of the incident. The pause has left many traders unable to move funds or access market data on the platform.
Security Measures and Future Steps
The breach has raised urgent questions about the state of security at digital asset firms in Iran. Nobitex said it will review and strengthen its hot wallet protections and improve monitoring across all systems.
Also Read: Phemex Exchange Hack: Reports Suggest Involvement of North Korea in the $70M Crypto Heist
The exchange plans to work with external experts and regulators to boost its defences. Nobitex also pledged to keep customers informed as it restores services step by step.
Rising Crypto Exchange Hacks in 2025
This incident is one of many high-profile attacks on crypto platforms so far in 2025. Several exchanges and digital wallet providers around the world have reported losses from similar intrusions.
Experts say that improved blockchain tracing tools have exposed more attacks this year. At the same time, more hackers are targeting crypto firms as their technology and user bases grow. The trend highlights a need for stronger security standards industry-wide.
Wider Regional Implications
The hack at Nobitex comes amid a tense standoff between Iran and Israel. Previous cyber strikes have hit Iranian energy sites and banks. This new attack shows that digital finance systems are now part of the front lines.
If left unchecked, such breaches could undermine confidence in local and regional crypto markets. They may also complicate relations between nations already at odds.
Exchange Response and User Support
To limit customer losses, Nobitex said it will use its insurance pool to reimburse users for stolen funds. The exchange has set up a dedicated support line for affected clients. It also plans to run a full audit of its systems and share a public report once the investigation ends.
As Nobitex works to restore its platform, other exchanges will watch closely. This attack may spur more firms to adopt tighter controls around hot wallets. It could also push regulators in Iran and beyond to set firmer rules for digital asset security.
Also Read: Bitrue Exchange Hackers Move $30 Million in Stolen Crypto to Fresh Wallet Addresses