144
A pro-Israel hacker group has published the source code for Iran’s largest crypto exchange Nobitex, after a $100M hack. The hackers claimed responsibility for destroying over $90 million in crypto stolen from Nobitex. The group, known as “Gonjeshke Darande” (also called Predatory Sparrow), said it burned the funds using “vanity addresses” that can’t be accessed or recovered.
In a June 18 update on X, the group revealed that assets like Bitcoin, Ethereum, and Dogecoin were sent to unspendable blockchain addresses. Some addresses even included anti-Iran messages, like “FuckIRGCTerroristsNoBiTEX.” One of the Bitcoin wallets used has an invalid checksum, while Ethereum tokens were sent to the “0x…dead” burn address, commonly used to permanently remove coins from circulation.
This attack comes days after Israeli airstrikes on Tehran’s nuclear facilities, highlighting the growing role of crypto in global conflicts. The hackers accused Nobitex of helping the Iranian regime bypass sanctions and fund terrorism. Blockchain security companies, such as Chainalysis, confirmed that the stolen funds were not transferred to exchanges or mixers, but were actually burned-they were irrecoverable.
In response, Nobitex said all user funds remain safe in cold storage. The platform added that it emptied hot wallets as a precaution and has enough reserves to cover any losses. Nobitex is under pressure with more than 11 million users as the cyber tensions are on the rise.
