Iran’s biggest cryptocurrency exchange, Nobitex, has been hacked for over $81 million in a targeted cyberattack reportedly carried out by a pro-Israel hacker group. The breach, confirmed by blockchain investigator ZachXBT, involved a sophisticated attack on hot wallets across Tron and Ethereum-compatible networks.

The exploit was traced to suspicious “vanity addresses” used by the attackers. The first, featuring an explicit anti-Iran message, was used to steal $49 million. A second address, filled with repetitive characters, siphoned off the rest. The group claiming responsibility, “Gonjeshke Darande,” declared the hack as a political statement, accusing Nobitex of aiding Iran’s alleged terror financing and sanctions evasion.

Nobitex quickly acknowledged the breach, stating that only a portion of hot wallets were affected and that user funds held in cold storage remained safe. They assured users that all losses would be covered using their insurance reserves and internal funds.

Experts believe the hack stemmed from a failure in access controls, allowing attackers to penetrate internal systems. Despite the scale of the theft, the stolen assets have yet to be moved, raising speculation about the hackers’ motives.

This cyberattack is the latest in a growing wave of digital heists hitting the crypto industry in 2025, with over $2.1 billion in losses reported this year alone. Most incidents are linked to poor key management and social engineering scams like address poisoning.

Adding to tensions, the Nobitex hack coincides with escalating conflict between Iran and Israel, including military strikes and hundreds of deaths. Analysts suggest the hack was less about financial gain and more a symbolic strike in the ongoing geopolitical feud. The hackers have threatened to release the exchange’s source code and internal data unless more action is taken.