The pro-Israel hacker collective Gonjeshke Darande made headlines by releasing the complete source code of the Iranian crypto exchange Nobitex, just one day after carrying out a $100 million exploit that targeted multiple blockchains. This cyberattack comes amidst escalating tensions between Israel and Iran, with the conflict entering its first week.
This move has raised alarms among users who have not yet withdrawn their assets from the platform, as the leaked source code makes it easy for malicious actors to access and exploit the system.
Israel launched attacks on military and nuclear sites in Iran, citing the need to prevent Iran from acquiring nuclear weapons. In retaliation, Iran conducted ballistic missile launches targeting the entire country, forcing millions of people into shelters on short notice.
In a post on Thursday, the hacker group Gonjeshke Darande, which translates to Predatory Sparrow in Farsi, shared, “Time’s up – full source code linked below. ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN.” The leaked source code contained blockchain scripts, internal privacy settings, and server lists, essentially compromising the exchange’s backend security.
This source code dump followed through on threats made the previous day, when Gonjeshke Darande claimed responsibility for the hack and threatened to release internal data. The group accused Nobitex of assisting Iran in bypassing international sanctions, dubbing the platform as the “regime’s favorite sanctions violation tool.”
More than $90 million in tokens from Bitcoin, EVM, Ripple, Dogecoin, Solana, and other networks were deliberately sent to burner addresses, making recovery highly unlikely. The funds were transferred to wallets with provocative names like “1F**kiRGCTerroristsNoBiTEXXXaAovLX” and “DF**kiRGCTerroristsNoBiTEXXXWLW65t,” indicating the use of vanity addresses generated through brute force, which the attackers do not have private keys for. The IRCG (Islamic Revolutionary Guard Corps) is a powerful and influential branch of the Iranian military.
Nobitex responded by stating that no additional losses occurred post-leak and that they aim to restore services within five days. However, ongoing internet disruptions in Iran may impact the recovery process.
No comments:
Post a Comment