Nobitex, Iran’s largest cryptocurrency exchange, was hacked for over $90 million on Wednesday, according to blockchain analytics firm Elliptic.
Elliptic said the funds were emitted from the platform’s wallet to an address that contains an Iranian Islamic Revolutionary Guard (IRGC), or an anti-government message expressly referring to the IRGC.
Pro Israel Hacking Group Gonjeshke Darande, or “Presdatory Sparrow,” claimed responsibility for the attack and said it would release the source code for the exchange. Elliptic said the exchange was offline at the time of this post.
The predatory Sparrow also claimed credit for another cyberattack at Iran’s state-owned bank Sepa this week.
The fight exploded between Israel and Iran on Friday, and countries continue to trade in missile fires. Iran’s supreme leader Ayatollah Ali Khamenei threatened the US with “irreparable damage” on Wednesday in response to President Donald Trump’s demand that the country surrender.
The stolen assets have not been concluded by the group, but Elliptic said the funds were sent to the crypto address. Hackers may not be able to control it.
Elliptic’s study linked this exchange to IRGC. This is a powerful branch of the military designated as a terrorist organization by the United States, the UK, the European Union and Canada.
Previous research has linked the platforms to authorize IRGC-related ransomware operatives and individuals close to Khamenei.
Blockchain data also shows activities between the Nobitex Exchange and the wallets associated with Hamas, Palestinian Islamic Jihad and Houthis.
Elliptic said it continues to monitor virtual asset flows associated with Iranian entities and is updating its compliance tools to reflect new threats in the region’s crypto ecosystem.
Source link
