Iran’s largest crypto exchange, Nobitex, has started restoring operations weeks after suffering a politically motivated hack that drained $100 million in user funds.
In a statement on Tuesday, Nobitex confirmed it will first re-enable withdrawals for users who have completed identity verification, with spot exchange clients given priority access.
The exchange urged customers not to deposit crypto into old wallet addresses, warning that its migration process had rendered prior addresses invalid.
“Deposits to previous wallets will likely result in unrecoverable loss of funds,” Nobitex posted.
Withdrawals are expected to resume from June 30. However, the platform did not commit to a timeline for restoring other services like deposits or trading, saying the rollout would happen gradually.
Nobitex, a dominant player in Iran’s digital asset market, was hacked on June 18 by a pro-Israel hacker group.
Hackers Destroyed Millions in Tokens to Make a Political Point
The attack on Nobitex was one of the most high-profile politically motivated breaches in the crypto sector to date.
The group claiming responsibility, Gonjeshke Darande, said it launched the attack to disrupt entities allegedly connected to the Iranian government.
After draining funds, the hackers deliberately burned about $90 million worth of crypto and published the platform’s source code, marking a rare instance of sabotage aimed at crippling a major exchange rather than profiting.
Blockchain analytics firm Chainalysis noted in a recent report that Nobitex is a critical pillar of Iran’s crypto economy. The exchange reportedly processed $11 billion in inflows—more than all other major Iranian platforms combined.
Chainalysis also linked Nobitex to sanctioned entities and wallets tied to illicit activity, adding to the controversy.
In response to the attack, Iranian regulators have imposed tighter operating hours on crypto exchanges, limiting them to 10 a.m. to 8 p.m. to improve oversight.
State-Sponsored Cybercrime Becomes a Growing Threat
The Nobitex breach underscores a broader trend of state-affiliated hacking groups targeting crypto exchanges for both financial gain and geopolitical leverage.
According to a new report, North Korean hackers have been responsible for about 70% of total stolen crypto value this year, including the record-breaking $1.5 billion hack of Bybit in February.
South Korean officials have also sounded alarms, revealing that North Korean cyber units have begun using artificial intelligence tools such as ChatGPT to automate reconnaissance and expand phishing campaigns.
As geopolitical rivalries intensify, analysts expect more politically motivated attacks on critical crypto infrastructure, raising the stakes for exchanges operating in high-risk jurisdictions.
Quick Facts
- Nobitex was hacked for $100 million in June by a pro-Israel group.
- The attackers burned $90 million in crypto and leaked the platform’s code.
- Withdrawals will resume June 30 for verified users; trading and deposits remain restricted.
- State-sponsored hacks, especially from North Korea, now account for most large crypto thefts in 2025.
