Iranian crypto exchange Nobitex, which was hacked earlier this month by the pro-Israel hacker group Gonjeshke Darande, has begun gradually restoring its services.
According to the exchange, access to wallets will initially be limited to users who have completed identity verification, with priority given to spot trading users.
Nobitex also warned users not to deposit funds into their old wallet addresses, as doing so could result in the loss of assets.
“Due to the wallet system migration, previous addresses are no longer valid, and any deposits made to them may result in loss of funds,” the platform stated.
In a post on X this Tuesday, Nobitex announced that it will begin enabling withdrawal services starting June 30. The exchange added that other operations, including trading and deposits, will be restored gradually, though no specific timeline has been given.
The update follows a major security breach on June 18, when Nobitex was hacked for $100 million.
A politically motivated hack
The Nobitex hack has been widely interpreted as a political act amid escalating tensions between Iran and Israel. As the largest cryptocurrency exchange in Iran, Nobitex became the target of the pro-Israel hacker group Gonjeshke Darande, which claimed responsibility for the attack.
Following the breach, the group reportedly destroyed $90 million worth of digital assets and published the exchange’s full source code. In a statement, the hackers said they targeted Nobitex due to its alleged ties to the Iranian government and claims that it supports malicious actors.
A report from blockchain analytics firm Chainalysis underscored Nobitex’s central role in Iran’s crypto ecosystem. The platform recorded $11 billion in inflows, significantly surpassing the combined $7.5 billion of the next ten largest Iranian exchanges.
Chainalysis also noted that its on-chain investigation uncovered links between Nobitex and various sanctioned and illicit entities.
In response to the incident, Iranian authorities have imposed new restrictions on domestic crypto exchanges, limiting their operational hours to between 10 a.m. and 8 p.m.
Surge in State-Sponsored Cyberattacks
State-sponsored cyberattacks have surged in 2025, with North Korean hacking groups leading the wave of digital threats.
According to a report released Friday, the North Korean state-backed hackers responsible for the $1.5 billion Bybit hack in February have accounted for nearly 70% of all crypto-related exploit losses this year.
South Korean authorities have also disclosed that these groups are increasingly leveraging AI tools such as ChatGPT to facilitate cryptocurrency theft and enhance the sophistication of their operations.
