The prominent Iranian cryptocurrency exchange, Nobitex, has allegedly been breached by a hacktivist group known as “Gonjeshke Darande,” or “Predatory Sparrow.” The group, known for its anti-regime stance, announced the cyberattack, claiming to have infiltrated the exchange’s internal network. Nobitex, founded in 2017, is the largest and most popular cryptocurrency trading platform in Iran, playing a significant role in the country’s access to the international digital economy, particularly in the face of stringent economic sanctions. The exchange serves a substantial user base within Iran, making it a high-value target for those seeking to disrupt the nation’s financial activities.
In a public statement, Gonjeshke Darande asserted that the cyberattack was a direct response to Nobitex’s alleged complicity in financing terrorism and facilitating the evasion of international sanctions by the Iranian government. The hacktivist collective has framed the breach as an act of opposition to the current regime, positioning the targeting of a key financial entity as a means of protest. This incident follows a pattern of disruptive cyber activities attributed to the group against various Iranian entities, highlighting the escalating digital front in the ongoing geopolitical tensions surrounding Iran.
The attackers have threatened to publicly release sensitive information allegedly exfiltrated from Nobitex’s servers. The data dump, according to the group’s claims, could be extensive and damaging to the exchange and its users. The following categories of data have allegedly been compromised:
- Nobitex’s complete source code
- Internal company and operational information
- User data
