Iran’s Nobitex Starts Recovery Efforts After $90M Exploit

Crypto Reporter

Shalini Nagarajan

Crypto Reporter

Shalini Nagarajan

About Author

Shalini is a crypto reporter who provides in-depth reports on daily developments and regulatory shifts in the cryptocurrency sector.

Share

Last updated: 

June 30, 2025

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas – from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Iran’s largest crypto exchange, Nobitex, has begun restoring user access to wallets after suffering a major cyberattack that drained over $90m in assets earlier this month.

In a statement issued Sunday, the Tehran-based platform said that wallet access was being reactivated in phases, beginning with verified users and spot wallets.

Other wallet types will follow, contingent on the completion of identity checks. Nobitex urged users to complete verification promptly and noted that wallet balances would become visible once all security and data accuracy checks were finalized.

“We are working to resume withdrawal, deposit, and trading services for verified users with minimal delay,” the company said. It warned that the timeline may shift depending on technical conditions and additional security requirements.

Users Risk Losing Funds if Deposits Are Sent to Outdated Wallets, Nobitex Says

The company also advised users not to deposit funds to previously issued wallet addresses, which are now invalid due to a full system migration.

Any transfers to the old addresses could result in permanent fund loss. Users relying on automated systems such as mining rigs or saved withdrawal configurations were told to update their details or wait for new personal addresses to be issued.

The platform’s gradual reboot follows a highly disruptive breach earlier this month. The cyberattack prompted Iran’s central bank to intervene.

Authorities React to Hack With Curbs on Operating Hours for Domestic Exchanges

Authorities have since ordered all domestic crypto exchanges to limit operations between 10am and 8pm. This measure aims to strengthen security and reduce the risk of after-hours attacks.

Meanwhile, the pro-Israel hacking group Predatory Sparrow, also known as Gonjeshke Darande, claimed responsibility for the breach. The incident marks yet another escalation in cyberwarfare involving state-linked actors in the region.

Nobitex handles the bulk of Iran’s crypto trades. It plays a key role in the country’s expanding digital asset ecosystem.

However, the recent breach has shaken user confidence. It has also raised concerns about the strength of Iran’s broader financial infrastructure, especially as cyber threats grow more sophisticated.