Top Iranian crypto exchange Nobitex said it has begun restoring its services after a $90 million hack this month, while blockchain analysts suggest the exploit might also have been tied to espionage investigations by Israelis.
The platform said that verified users will gradually be allowed to use their wallets again. Moreover, during the first steps of restoring services, wallets for spot trading will be accessible first.
The identity verification process is already ongoing, and Nobitex promised to display wallet balances in phases once "the accuracy and security of all information is confirmed."
According to the company, the process is estimated to be finalized by mid-week, if there are no further delays due to technical or security issues.
"We are working to resume withdrawal, deposit, and trading services for verified users with minimal delay," the team said, urging users not to deposit crypto assets into old Nobitex wallet addresses as they are no longer valid.
As reported earlier in June, Gonjeshke Darande, or "Predatory Sparrow," an anti-Iranian hacking group with possible ties to Israel, hacked Nobitex, stealing $90 million worth of crypto assets and destroying them by sending them to irrecoverable addresses. Moreover, Gonjeshke Darande published Nobitex's source code, further threatening the exchange.
Meanwhile, blockchain analysts at TRM Labs said that it's possible the hack helped Israeli authorities arrest three individuals suspected of spying on behalf of Iranian intelligence services within days of the cyberattack.
"The sequence of events – Israeli strikes on June 13th, the Nobitex breach on June 18th, and the arrests announced on June 24th – raises the analytical possibility that Israeli cyber units were using the Nobitex breach to gather internal data," the analysts said.
According to them, this data might have included wallet ownership, messaging history, or Know Your Customer (KYC) information to identify Iranian handlers or trace crypto payments to Israeli operatives.
While there’s no direct public evidence linking the Nobitex breach to the espionage investigations, TRM Labs stressed that this would be consistent with tactics used by Israeli cyber defense teams and Predatory Sparrow’s operational record.
Your email address will not be published. Required fields are markedmarked