While it’s not the largest cryptocurrency theft in history, the $90 million is significant because of who’s involved and why. The two nations are Israel and Iran. The reason, unfortunately, is the ongoing conflict between them.
Israel hacks Iran. The war between the countries is intensifying, with new and eye-catching tactics on the battlefield and online, including cyberwarfare. Gonjeshke Darande (which means “predatory sparrow” in Persian) has claimed responsibility for hacking the Iranian cryptocurrency platform Nobitex.
There’s a possible link to Israel. Sophos experts say there’s no definitive proof directly linking the Israeli government to the hacker group. However, Rafe Pilling, the company’s director of threat intelligence, said the cyberattack showed all the hallmarks of a government-backed operation.
$90 million? According to The Guardian, the hacker group stole $90 million. But the Persian edition of Wikipedia reports the stolen amount as 3.76 trillion rials—about $47 million. The funds may have come from one of the targeted Tronscan wallets. Gonjeshke Darande has also threatened to publish the company’s internal data and the source code of its trading platform. The exact total is unclear, but according to Cointelegraph, it exceeds $81.7 million.
Cold wallets are safe. Nobitex confirmed that the hackers accessed only the platform’s “hot” wallets—used for daily transactions. The more secure cold wallets weren’t affected. After the attack, Nobitex blocked platform access and told users that “all damages will be compensated through the insurance fund,” according to an English translation provided by Google. In a follow-up message, the company said the impact was “more complex than initially estimated.”
Additionally, there were internet outages. Nobitex explained that the cyberattack response has been hampered by nationwide internet outages and limited access to facilities due to the ongoing national crisis. The company expects to recover and restore services within four to five days. The platform remains inaccessible.
A politically motivated hack. Yehor Rudytsia, a security researcher at Hacken, told Cointelegraph that the cyberattack appears to be “more a political statement rather than a typical financially motivated theft.” According to The Guardian, the hackers “burned” the funds by sending them to “vanity addresses” with no known private key or way to recover them. One such wallet is “0x000000000000000000000000000000000000dEaD,” with “dead” at the end—valid, but permanently inaccessible. Hackers used other addresses containing variations of the phrase “F*ckIRGCterrorists.”