In a June 18 update, the hacking group made a statement on X, revealing their audacious move of burning funds across various blockchains. The trick? Using “vanity addresses” that have no private keys to recover, making these assets permanently gone. Yep, you read that right; gone, forever.
12 hours ago
— Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025
8 burn addresses burned $90M from the wallets of the regime's favorite sanctions violation tool, Nobitex.
12 hours from now
The source-code of Nobitex will be open to the public, and Nobitex’s walled garden will be without walls. Where do you want your assets to be?…
This follows the infamous Nobitex exploit, where over $90 million worth of Bitcoin, Ethereum, Dogecoin, and other tokens were siphoned from hot wallets. Initially, the attackers claimed the breach was a direct hit on Nobitex for allegedly helping Iran skirt sanctions and fund terrorism. I mean, talk about making a statement!
State-Level Conflict Hits the Crypto World
Also known as the Predatory Sparrow, the group linked the hack to the ever-growing cyber and military tensions between Iran and Israel. These tensions were already flaring up after Israeli airstrikes hit Tehran’s nuclear sites. As if things weren't tense enough.
Blockchain security companies like Chainalysis wasted no time confirming that the stolen funds didn’t end up in mixers or exchanges. Nope, they were sent to irreversible addresses, some with spicy labels like “FuckIRGCTerroristsNoBiTEX.” Yeah, they were really making their feelings known. One Bitcoin wallet? Unspendable, thanks to an invalid checksum. Meanwhile, Ethereum tokens were sent to that classic “0x…dead” address, because why not just finish off the supply for good?
Naturally, Nobitex responded, kind of apologetically, noting that the assets had been burned but reassuring users that their funds were safe in cold storage. They even emptied the hot wallets, just to be extra cautious. They promised no customer funds would be lost, thanks to their insurance pool and reserve fund. Phew, right?
Nobitex Announcement No. 4 – Regarding the Security Incident
— Nobitex | نوبیتکس (@nobitexmarket) June 18, 2025
As part of Nobitex’s ongoing response to the recent security incident, we would like to inform our users that the situation is now under control. All external access to our servers has been completely severed.
If you…
But just to stir the pot even more, the attackers threw out a warning: they’ve got internal data and the source code of Nobitex, which could make life miserable for Iran’s leading crypto platform, especially with over 11 million users. Gonjeshke Darande, one of the attackers, didn’t hold back, saying that users needed to withdraw immediately if they wanted to avoid risking any more assets.
Now, let’s talk about the bigger picture. This wasn’t some petty theft. There was no financial motive here. Instead, it was a chilling reminder that state-level conflicts are now spilling into the crypto world, turning digital currency into a new kind of weapon. When over $90 million in crypto is destroyed just to send a message, it’s hard not to think that the game has changed forever.
Gunel Ismayilova
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice. HODL FM strongly recommends contacting a qualified industry professional.
