Exchange record
Nobitex
Iranian centralized cryptocurrency exchange that suffered a politically motivated destructive hack in June 2025, began phased service recovery later that month, and continued operating afterward. On June 2, 2026, the U.S. Treasury's OFAC designated Nobitex under counterterrorism and Iran financial-sector sanctions authorities.
Registry sequence
Key facts
URL handling
Summary
Iranian centralized cryptocurrency exchange that suffered a politically motivated destructive hack in June 2025, began phased service recovery later that month, and continued operating afterward. On June 2, 2026, the U.S. Treasury's OFAC designated Nobitex under counterterrorism and Iran financial-sector sanctions authorities.
Timeline
Nobitex was attacked by hackers identifying as Predatory Sparrow / Gonjeshke Darande, with roughly USD 90 million in crypto assets transferred to inaccessible or burned addresses and source-code exposure threatened.
Nobitex suffered a major security incident in June 2025. Public reporting and blockchain analysis described more than $90 million in crypto assets being transferred to inaccessible addresses in an apparently politically motivated attack.
Nobitex said it pulled its website and app offline while reviewing unauthorized access to its systems and hot wallet infrastructure after the attack.
Nobitex's recovery roadmap moved into a phased service-restoration stage from June 30, 2025, initially reopening withdrawal access for verified users and planning gradual restoration of deposits and trading after the June hack.
The U.S. Treasury announced sanctions targeting Nobitex and other Iranian digital-asset exchanges. Reuters and AP reported the action and the Treasury's stated sanctions-evasion rationale.
The U.S. Treasury's Office of Foreign Assets Control designated Nobitex under Executive Orders 13224 and 13902, citing support for the IRGC and operation in Iran's financial sector and warning of sanctions exposure for certain counterparties.