A Iran-Haiing group with Israel’s potential relationships on Wednesday announced an attack on one of Iran’s largest cryptocurrency exchanges, destroying about $ 90 million (about Rs 782 crore) and threatened to highlight the source code of the platform.
A group known as Gonzeshke Darande, or “Shikari Sparrow” claimed an attack, causing it to underwent a second operation of the group in two days. On Tuesday, the group claimed to destroy data in Iran’s state -owned bank sep amid growing enmity between Israel and Iran and missile attacks.
Wednesday’s attack targeted Nobtex, one of the biggest people in Iran cryptocurrency Exchange The stage allegedly helps the Iranian government to avoid restrictions and finance illegal operations worldwide, claiming in a message posted to its social media channels in the early hours of Wednesday.
Nobitex’s website was unavailable on Wednesday. Messages sent to the company’s support channel Wire Did not come back. Gonzeshke Darrende did not respond to the remarks requests.
Nobitex said in a post X It pulled its website and app offline as it reviewed the “unauthorized access” in its system.
Gonzeshke Darande is an established hacking group with the history of sophisticated cyber attacks targeting Iran. An operation of 2021, claimed by the group, caused a large gas station outage, while an attack that targeted an Iranian steel mill in 2022 caused a large fire and tangible, offline damage.
Israel has never formally accepted that it is behind the group, although the Israeli media has widely reported Gonzeshke as “Israel-Linked”.
Wednesday’s attack began in the early hours of the morning when the fund was taken to a hacker-controlled wallet, condemning the Islamic Revolutionary Guard Corps (IRGC). Blockchain Analysis firm TRM labsWhich increased the total theft of about $ 90 million (about Rs 782 crore) in several types of cryptocurrency.
Blockchain analysis firm Illiptic said in a blog post that the hacker-controlled wallets will not be able to reach the stolen money, which means that hackers “hacked the fund effectively to send a political message.”
Iliptic’s post shared the evidence that Nobitax sent and received Israel to the Cryptocurrency Wallets controlled by hostile groups, including Palestinian Islamic Jihad, Hamas and Hauthis of Yemen.
Senator Elizabeth Warren and Angus King had expressed concern about Nobatex’s role in enabling the theft of Iranian sanctions in May 2024 to top biden administration officials, citing the reporting of Reuters since 2022.
Andrew Fiemen, head of National Security Intelligence with Channelis, confirmed the Reuters in an email that the attack was around $ 90 million (about Rs 782 crore) and it was probably geologically motivated, given that the money was burnt.
Fierman said, “Channelis has seen the first IRGC-affiliated ransomware actors to hold the Nobtex cash, and other IRGC proxy groups taking advantage of the platform,” said Fierman.
© Thomson Reuters 2025
(This story is not edited by NDTV employees and auto-generated from a syndicated feed.)