Latest news with #GonjeshkeDarande
Coin Geek
7 hours ago
- Business
- Coin Geek
Pro-Israel hackers steal $90M from Iranian exchange: report
Getting your Trinity Audio player ready... A pro-Israel hacking collective has made off with $90 million worth of digital assets in a hack on Nobitex, an Iranian exchange. The group, known as Gonjeshke Darande (which is Farsi for 'Predatory Sparrow'), took responsibility for the attack in posts on X. The group followed up by releasing Nobitex's source code and warning that all assets remaining with the exchange were at risk. 'The Nobitex exchange is at the heart of the regime's efforts to finance terror around the world,' claimed Gonjeshke Darande in an X post. 'Nobitex does not even hide the fact that it circumvents sanctions, but rather explicitly teaches this on its website. The regime's dependence on this exchange is so great that working at Nobitex is considered an alternative to military service, as this channel is vital to the regime.' According to the group, the trove includes $48.7 million in USDT, $6.7 million in Dogecoin, and $1.9 million in BTC. Notably, the group claimed it had 'burned' the stolen funds by sending them to addresses with no known keys, effectively destroying the hoard. Blockchain investigator Elliptic corroborates this, finding funds began flowing from Nobitex to addresses containing variations of the term 'F*ckIRGCTerrorists' on the morning of the attack. Earlier this week, the group took responsibility for another hack that destroyed data at Iran's state-owned bank Sepah, saying that it was an institution that 'circumvented international sanctions and used the people of Iran's money to finance the regime's terrorist proxies, its ballistic missile program and its military nuclear program.' However, the group has a longer history of targeting Iran. An attack in 2023 apparently shut down 70% of the gas stations in Iran. In 2022, they claimed credit for a fire that broke out in an Iranian steel mill in a rare instance of physical damage resulting directly from a hacking attack. Gonjeshke Darande's claims about Nobitex are hardly controversial. Next to North Korea, the country is regularly named in the context of digital assets' role in helping states blunt or avoid international sanctions. A series of reports from Reuters in 2022 accused Binance of helping Iranian nationals to make $8 billion worth of digital asset transactions in violation of international sanctions, with most of the funds flowing straight to Nobitex. Iranian officials have openly advocated for using digital assets to get around sanctions, and Western-based companies—including Kraken—have been stung by regulators looking to punish entities who aid in sanctions evasion by processing transactions from Iran. Though the regime's ability to secure financing appears to be the hack's ultimate target, the funds taken from the exchange undoubtedly belonged to many individuals inside and outside Iran who have now lost access to their assets. Indeed, posts on the topic are flooded by ostensibly Iranian X accounts begging for their funds to be returned. Assuming Gonjeshke Darande sent the assets to wallets it had no access to; traditional wisdom would dictate that the funds are lost forever. However, there is growing recognition that individuals might be able to use the courts to force the return of their stolen assets so long as they can prove ownership. Services like Token Recovery have cropped up who make such recovery their business model. Whether anyone with assets held on Nobitex will successfully recover their funds remains to be seen. Given how much of the stolen assets are USD stablecoins, the dollars underlying each one are still held by their issuers, notwithstanding the hackers burning the coins themselves, which may make for an interesting avenue of redress for anyone affected. Watch: Here's how Triple Entry Accounting guarantees trust in accounting title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="">
LeMonde
14 hours ago
- Politics
- LeMonde
Who is Gonjeshke Darande, the group behind the cyberattack targeting Sepah Bank in Iran?
While missiles and bombs have flown between Israel and Iran since the large-scale attack launched by Israel on Friday, June 13, the conflict has also extended into cyberspace. On Tuesday, June 17, the group Gonjeshke Darande ("Predatory Sparrow" in Farsi) claimed responsibility for a cyberattack against Sepah Bank, one of the country's largest financial institutions. 24 hours later, on its Telegram channel, the group announced it had targeted Nobitex, the main cryptocurrency exchange platform in Iran, which Gonjeshke Darande described as "a key tool for the regime to finance terrorism and circumvent sanctions." While the group reportedly stole and made disappear as much as $90 million from Nobitex, the full impact of the attack on Sepah Bank has not been completely confirmed. However, the claim is credible, as Gonjeshke Darande has already demonstrated its ability to damage Iranian interests. Although some of its malicious software had been used as early as 2019 against Iranian interests in Syria, the group emerged publicly in summer 2021, when it claimed responsibility for two major operations. The first such operation targeted the Iranian railways, delaying trains and disrupting station activity; the hackers even altered information screens to display the phone number of the office of Supreme Leader Ali Khamenei. The following day, the website of the Ministry of Transport was hit by another cyberattack. "Our goal with this attack was to express our disgust at the abuses and cruelty inflicted by the government on the Iranian nation," the group wrote on its Telegram channel at the time.
Wall Street Journal
18 hours ago
- Business
- Wall Street Journal
Iranian Crypto Exchange Hacked, More Than $90 Million Taken
Iran's largest cryptocurrency exchange was drained of more than $90 million on Wednesday, with a pro-Israel hacking group claiming responsibility, according to a blockchain analysis firm. The cyberattack on the exchange, Nobitex, appeared motivated by the ongoing hostilities between Israel and Iran, blockchain analysis firm Elliptic said in a blog post. Elliptic said the hack had been carried out by Gonjeshke Darande, or 'Predatory Sparrow,' which claimed responsibility for an attack on Iran's Bank Sepah earlier this week. A post on an X account associated with Gonjeshke Darande overnight said the exchange's source code would be released in 24 hours and that assets in the exchange would be vulnerable. Elliptic founder Tom Robinson said the claim was credible.
Nahar Net
a day ago
- Business
- Nahar Net
Hackers say they wiped out $90 million from Iran cryptocurrency exchange
Hackers with possible links to Israel have drained more than $90 million from Nobitex, Iran's largest cryptocurrency exchange, according to blockchain analytics firms. The group that claimed responsibility for the hack leaked on Thursday what it said was the company's full source code. "ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN," the group wrote on its Telegram account. The stolen funds were transferred to addresses bearing messages that criticized Iran's Revolutionary Guard, Blockchain analytics firm Elliptic wrote in a blog post. It said the attack likely was not financially motivated as the wallets the hackers had poured the money into "effectively burned the funds in order to send Nobitex a political message." The hackers group, Gonjeshke Darande — "Predatory Sparrow" in Farsi — accused Nobitex of having helped Iran's government to evade Western sanctions over the country's rapidly advancing nuclear program and transfer money to militants, in a post on X claiming the attack. Nobitex appeared to have confirmed the attack. Its app and website were down as it assessed "unauthorized access" to its systems, it said in a post on X. The theft spanned a range of cryptocurrencies, including Bitcoin, Ethereum, Dogecoin and more, said head of national security intelligence at Chainalysis Andrew Fierman. The breach is "particularly significant given the comparatively modest size of Iran's cryptocurrency market," he added. The hack appears to be motivated by escalating tensions in the Israel-Iran conflict, which broke out last week when Israel struck Iran's nuclear sites and military officials, drawing Tehran's response with barrages of missiles. It came after the group said it had destroyed data in a cyberattack against Iran's state-controlled Bank Sepah on Tuesday. Elliptic said that relatives of Iran's Supreme Leader Ali Khamenei were linked to the exchange and that sanctioned Revolutionary Guard operatives had used Nobitex. It shared evidence that the exchange had sent and received funds from cryptocurrency wallets controlled by Iranian allies including Yemen's Houthis and Hamas. Gonjeshke Darande has previously claimed responsibility for other high-level cyberattacks against Iran, including a 2021 operation that paralyzed gas stations and a 2022 effort against a steel mill that sparked a large fire. Israeli media have widely reported that Gonjeshke Darande is linked to Israel but the country's government has never officially acknowledged ties to the group. U.S. Senators Elizabeth Warren and Angus King last year raised concerns about Iran's use of cryptocurrencies to evade sanctions.
Chicago Tribune
a day ago
- Business
- Chicago Tribune
Hackers say they wiped out $90 million from Iran cryptocurrency exchange
DUBAI, United Arab Emirates — Hackers with possible links to Israel have drained more than $90 million from Nobitex, Iran's largest cryptocurrency exchange, according to blockchain analytics firms. The group that claimed responsibility for the hack leaked on Thursday what it said was the company's full source code. 'ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN,' the group wrote on its Telegram account. The stolen funds were transferred to addresses bearing messages that criticized Iran's Revolutionary Guard, Blockchain analytics firm Elliptic wrote in a blog post. It said the attack likely was not financially motivated as the wallets the hackers had poured the money into 'effectively burned the funds in order to send Nobitex a political message.' The hackers group, Gonjeshke Darande — 'Predatory Sparrow' in Farsi — accused Nobitex of having helped Iran's government to evade Western sanctions over the country's rapidly advancing nuclear program and transfer money to militants, in a post on X claiming the attack. Nobitex appeared to have confirmed the attack. Its app and website were down as it assessed 'unauthorized access' to its systems, it said in a post on X. The theft spanned a range of cryptocurrencies, including Bitcoin, Ethereum, Dogecoin and more, said head of national security intelligence at Chainalysis Andrew Fierman. The breach is 'particularly significant given the comparatively modest size of Iran's cryptocurrency market,' he added. The hack appears to be motivated by escalating tensions in the Israel-Iran conflict, which broke out last week when Israel struck Iran's nuclear sites and military officials, drawing Tehran's response with barrages of missiles. It came after the group said it had destroyed data in a cyberattack against Iran's state-controlled Bank Sepah on Tuesday. Elliptic said that relatives of Iran's Supreme Leader Ali Khamenei were linked to the exchange and that sanctioned Revolutionary Guard operatives had used Nobitex. It shared evidence that the exchange had sent and received funds from cryptocurrency wallets controlled by Iranian allies including Yemen's Houthis and Hamas. Gonjeshke Darande has previously claimed responsibility for other high-level cyberattacks against Iran, including a 2021 operation that paralyzed gas stations and a 2022 effort against a steel mill that sparked a large fire. Israeli media have widely reported that Gonjeshke Darande is linked to Israel but the country's government has never officially acknowledged ties to the group. U.S. Senators Elizabeth Warren and Angus King last year raised concerns about Iran's use of cryptocurrencies to evade sanctions.
