Amid escalating digital warfare in the Middle East, hacker group Gonjeshke Darande attacked the Iranian exchange Nobitex. The resulting code leak and theft of over $100 million left the platform vulnerable.
Overview of the Attack
The group Gonjeshke Darande, which translates to Predatory Sparrow, claimed responsibility for the cyberattack on Nobitex on Wednesday, following up on Thursday by publishing the full source code of the exchange, including scripts and infrastructure data. In a post on X, they stated, "This is it. Assets left in Nobitex are now entirely out in the open." The leak effectively dismantles the platform’s security, leaving user assets susceptible to theft.
Nobitex's Response
Nobitex stated that it is working to restore services within five days but noted that ongoing internet restrictions in Iran may delay progress. In its latest statement, the exchange condemned the attack as a hit against ordinary Iranians, claiming it "targeted the peace of mind and assets of our fellow citizens under false pretenses." Nobitex also assured that no further funds had been lost since the code dump.
Implications for the Iranian Crypto Market
Following the hack, Iranian authorities have reportedly imposed restrictions on local crypto exchanges, limiting their operating hours in an attempt to contain fallout. Observers point out that this kind of reckless hacking doesn’t serve the public. According to Nicholas Smart, VP of blockchain intelligence at Crystal, "Crypto is big in Iran. There’s no way of knowing if the stolen funds belonged to state actors or ordinary people."
The cyberattack on Nobitex highlights the increasing risks for cryptocurrency users in Iran and the serious implications for the local crypto market amidst political instability and international tensions.
