Nobitex Restores Wallet Access After $90 Million Hack

Nobitex, Iran’s largest cryptocurrency platform, has initiated the process of restoring wallet access to users following a significant security breach that resulted in losses exceeding $90 million. The exploit, which occurred on June 18, was claimed by Gonjeshke Darande, a pro-Israel group also known as Predatory Sparrow. Blockchain investigators reported that approximately $90–100 million in digital assets were drained from hot wallets across Ethereum (ETH) and Tron (TRX), including Bitcoin (BTC), ETH, and Dogecoin (DOGE).

The company issued an update on June 29, outlining a phased recovery process starting with verified users. Initially, only spot wallets are being unlocked, with other wallet types to follow once identity verification is completed. Users are advised to wait for confirmation before attempting to access their balances, which will be displayed gradually as security checks proceed. Nobitex expects the process to finish by mid-week but noted that timelines could shift based on technical and security considerations.

As part of its post-attack response, Nobitex is migrating to a new wallet system. The firm warned users not to deposit funds into previously used addresses, noting that any deposits to old wallets may result in permanent loss. The hackers reportedly accessed the platform using employee credentials compromised earlier via infostealer malware. The breach exposed parts of Nobitex’s internal systems, including source code and server data, which were later leaked online.

Nobitex, which has processed more than $11 billion in inflows to date, holds a dominant position among Iran-based exchanges. The incident has prompted authorities to implement stricter measures on domestic exchanges, including curbs on operating hours. This move is part of a broader effort to enhance the security of cryptocurrency transactions and prevent similar incidents in the future. The authorities' response underscores the seriousness of the situation and the need for robust security protocols in the cryptocurrency industry.

The hack has raised concerns about the vulnerability of cryptocurrency exchanges to cyber-attacks, particularly those with political motivations. The pro-Israel hacker group's actions highlight the potential for geopolitical tensions to spill over into the digital currency space, posing risks to both users and exchanges. This incident serves as a reminder of the importance of continuous vigilance and the implementation of advanced security measures to protect against such threats.

Nobitex's response to the hack, including the gradual restoration of services and the prioritization of verified users, demonstrates the exchange's commitment to addressing the issue and regaining user trust. However, the long-term impact of the incident on the exchange's reputation and user confidence remains to be seen. The exchange will need to continue to invest in security and transparency to rebuild trust and ensure the safety of its users' funds.

The incident also underscores the need for regulatory oversight and industry standards to enhance the security of cryptocurrency exchanges. As the use of digital currencies continues to grow, it is essential for exchanges to adopt best practices and comply with regulatory requirements to protect against cyber threats and ensure the integrity of the market. The exchange's efforts to restore services and the authorities' response to the hack are steps in the right direction, but ongoing vigilance and collaboration will be crucial in preventing future incidents.