Nobitex, one of Iran’s leading cryptocurrency exchanges, is slowly resuming operations after being hacked earlier this month by the pro-Israel hacker group Gonjeshke Darande. According to an official statement, starting June 30, only users who have completed identity verification will be granted priority access to asset withdrawals, while trading and deposit functions will be restored gradually, with no specific timeline provided.
The attack, which occurred on June 18, resulted in damages totaling $100 million. The attackers claimed to have destroyed $90 million worth of assets and leaked Nobitex’s complete source code—an incident that has drawn intense scrutiny from Iranian regulators. In response, Iranian authorities have tightened restrictions on domestic crypto platforms, now allowing operations only between 10:00 AM and 8:00 PM local time.
Nobitex has urged users not to send assets to old wallet addresses, warning that its wallet system has been migrated and previous addresses are now invalid. “Continuing to deposit into these addresses may lead to permanent loss of funds,” the platform stated.
Cyberattacks Escalate Amid Geopolitical Tensions
The hacker group Gonjeshke Darande (meaning “Raptor” in Persian) publicly claimed responsibility for the attack, stating that their target was not just Nobitex, but what it represents. They alleged that the exchange was linked to the Iranian government and supported “malicious actors,” justifying the breach as a form of “technical sanctions.”
According to blockchain analytics firm Chainalysis, Nobitex is the backbone of Iran’s crypto infrastructure, with over $11 billion in total crypto inflows since its inception. In comparison, the top ten other Iranian exchanges combined account for only $7.5 billion. Chainalysis also noted that some of Nobitex’s funds appear to be tied to internationally sanctioned entities—likely a key motivation for the attack.
State-Sponsored Hacks on the Rise, AI Tools Fueling the Threat
The Nobitex hack is part of a growing trend in 2025: a surge in state-sponsored cyberattacks targeting the crypto sector. In February, North Korean state-backed hackers were revealed to be behind a $1.5 billion breach of crypto exchange Bybit, an incident that accounts for nearly 70% of all crypto losses this year.
More alarmingly, cybersecurity officials in South Korea have reported that North Korean hackers are now leveraging AI tools, including language models like ChatGPT, to design phishing emails, write malware code, and assist with social engineering schemes—greatly enhancing the sophistication and success rates of their attacks.
Crypto Security Faces a Precarious Future
As crypto platforms increasingly become battlegrounds in geopolitical conflicts, the security of the digital asset space is growing more precarious. Experts warn that exchange security is no longer just a technological issue—it has become a matter of national strategy. In today’s volatile global landscape, any politically exposed crypto platform could be the next target.
For everyday users, the path to safety includes strengthening account security, completing verification procedures, and avoiding unvetted wallet addresses.
In an era where cyber warfare and geopolitical rivalry converge, the ideal of decentralization in the crypto world is facing its most daunting reality check yet.