Iran Imposes Crypto Exchange Curfew After $90M Nobitex Hack
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
Iran’s central bank has imposed strict new operating hours on domestic cryptocurrency exchanges following a major cyberattack on Nobitex, the country’s largest crypto trading platform.
The move signals a significant shift in Iran’s approach to cryptocurrency regulation, as the government increasingly views digital assets as a vital component of national infrastructure.
Pro-Israel Hackers Drain Wallets, Leave Political Message
According to a Chainalysis report, local crypto exchanges in Iran are directed to operate between 10 a.m. and 8 p.m.
This is a response to the Nobitex breach on June 18. This resulted in the loss of over $90 million in crypto assets, the largest crypto hack in Iran’s history. The stolen assets included Bitcoin, Ethereum, Dogecoin, XRP, and Solana.
Pro-Israel hacking group, Gonjeshke Darande, claimed responsibility for the attack. They accessed Nobitex’s hot wallets and rapidly moved large volumes of crypto assets to burner addresses, rendering the funds permanently inaccessible.
https://twitter.com/chainalysis/status/1935439031321395279
These addresses also included provocative messages such as the derogatory term “F*ckIRGCterrorists,” a direct reference to the Islamic Revolutionary Guard Corps (IRGC), signaling the attack’s political intent.
Chainalysis also pointed out that, rather than attempting to obfuscate or cash out the assets typical of financially motivated hacks, the group sent the tokens to inaccessible wallet addresses, thereby removing them from circulation.
This pattern of cyber sabotage follows other incidents attributed to Gonjeshke Darande, including the cyberattack on Iran’s Bank Sepah earlier this year.
https://twitter.com/DrEliDavid/status/1934899682695893394
This is not the first time a state-supported hacking group has attacked major crypto firms globally.
Notable among them is the Lazarus Group, a North Korean-backed organization that has targeted cryptocurrency exchanges, such as Bybit, and influential personalities in the industry. Recall that the group targeted crypto founders in March, tricking them to download malware that secretly takes control of their computers and sensitive data.
From DDoS to Digital Sabotage: How Attacks Are Escalating
The Nobitex hack is just one in a growing series of digital offensives between Iran and Israel, as both countries increasingly use cyberspace to project power and retaliate.
This digital escalation now includes cryptocurrency platforms as prime targets for disruption.
Iranian hackers have launched waves of DDoS attacks on the Israeli government and financial institutions.
In response, Israeli cybersecurity firm Radware reported a 700% spike in attacks against Israeli assets within just 48 hours of the conflict’s escalation, according to the Jerusalem Post.
Israeli state actors have also expanded their efforts beyond denial-of-service to include data wiping campaigns and targeted infrastructure hacks such as that of Nobitex.
Meanwhile, Iran has responded by placing its government systems on high alert, imposing nationwide internet curbs, and urging citizens to shift to its domestic intranet to reduce foreign surveillance and disruption.
As this Israel-Iran cyber conflict deepens, other governments may treat crypto platforms as strategic infrastructure, subject to the same scrutiny and protection as banks, energy grids, or defense networks.
