Iran’s largest cryptocurrency exchange, Nobitex, has officially begun restoring services after suffering a devastating $100 million hack earlier this month, attributed to the pro-Israel hacking group Gonjeshke Darande.
In a series of updates, Nobitex stated that only users who have completed identity verification will initially regain access to the platform’s wallet services. Priority will be given to spot exchange users as the platform begins recovery operations.
Critically, the exchange warned users not to send funds to old wallet addresses, citing an ongoing wallet system migration.
“Due to the wallet system migration, previous addresses are no longer valid, and any deposits made to them may result in loss of funds,” Nobitex posted on X.
As of June 30, Nobitex has confirmed that withdrawal services are being re-enabled. However, full trading and deposit capabilities will be introduced gradually, with no firm timeline yet provided.
The June 18 hack was one of the most high-profile cyberattacks on a crypto exchange in 2025 and is widely viewed as politically motivated amid heightened geopolitical tensions between Iran and Israel.
The hacker group Gonjeshke Darande claimed responsibility for the attack. In a defiant move, the group burned approximately $90 million worth of crypto assets and leaked the full source code of the exchange.The group accused Nobitex of facilitating financial activity for sanctioned Iranian entities and funding malicious state actors.
According to a recent report by Chainalysis, Nobitex plays a critical role in Iran’s digital asset infrastructure. The exchange reportedly processed $11 billion in inflows, dwarfing the combined $7.5 billion across the next ten largest Iranian exchanges.
Chainalysis also linked Nobitex to sanctioned and illicit actors, adding fuel to the controversy surrounding the hack.In response to the incident, Iranian regulators have tightened restrictions on domestic crypto exchanges, limiting their operations to 10:00 a.m. to 8:00 p.m. local time.
The Nobitex breach is part of a surging trend of state-linked cyberattacks targeting the crypto sector. According to recent reports, North Korean state-sponsored hackers have been responsible for the majority of these attacks.
Notably, the Bybit hack in February, which saw $1.5 billion stolen, has been linked to North Korean threat actors. Experts estimate that North Korea’s hackers have accounted for nearly 70% of all crypto losses due to exploits in 2025.
As Nobitex works to restore its services post-hack, the exchange remains under intense scrutiny for its alleged ties to sanctioned entities. The politically charged attack highlights growing cyber risks facing centralized exchanges, especially in regions marked by geopolitical instability.
With wallet services gradually returning and regulatory constraints increasing, the future of Nobitex—and Iran’s broader crypto ecosystem—remains uncertain.
June 2025, Cryptoniteuae