Latest news with #ZachXBT
Yahoo
2 days ago
- Business
- Yahoo
Iranian Crypto Exchange Nobitex Hacked for $90M by Suspected Israeli Group
Iranian crypto exchange Nobitex has been hacked for $90 million by Israel-linked hacking activist group Gonjeshke Darande, according to a blog post from blockchain security firm Elliptic. The group said in an X post: 'After Bank Sepah, it was Nobitex's turn,' referencing their Tuesday cyberattack on Iran's state-owned lender. They warned that Nobitex's internal data and source code would be released within a day, and any assets left on the exchange would be 'at risk.' On-chain sleuth ZachXBT first flagged suspicious outflows totaling $81.7 million in Tron's TRX TRX, bitcoin BTC, dogecoin DOGE and other tokens in his Telegram channel on Wednesday. The stolen funds were traced to a wallet using a provocative vanity address: TKFuckiRGCTerroristsNoBiTEXy2r7mNX. Estimates of funds stolen was later updated to over $82 million, with funds stolen across Bitcoin, Dogecoin and EVM chains from addresses including"0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead," "1FuckiRGCTerroristsNoBiTEXXXaAovLX," and "DFuckiRGCTerroristsNoBiTEXXXWLW65t."The group called Nobitex a 'core part of the regime's terror financing network,' accusing it of helping Iran evade international sanctions by enabling crypto-based payments. Nobitex, Iran's largest exchange, confirmed the attack in an X post but did not mention or confirm stolen funds. The hack also does not appear to be financially motivated, Elliptic said. The funds were sent to vanity addresses created through "brute force" methods - involving the creation of large numbers of cryptographic key pairs until one contains the desired text. "But creating vanity addresses with text strings as long as those used in this hack is computationally infeasible. This means that Predatory Sparrow would not have the private keys for the crypto addresses they sent the Nobitex funds to, and have effectively burned the funds in order to send Nobitex a political message," Elliptic said. At the time of writing, it is unclear what attack method was used by Gonjeshke Darande to conduct the exploit. The hack comes amid a flurry of cyber and physical attacks between Iran and Israel. Gonjeshke Darande, believed by cybersecurity analysts to have ties to Israeli intelligence, has previously claimed responsibility for coordinated infrastructure attacks on Iranian steel factories and gas stations. With the source code leak looming, Nobitex now faces not only financial loss but a full-blown credibility crisis — and users who haven't yet moved funds may stand to lose everything, per the hacking group's followup threats. UPDATE (Jun. 18, 08:34 UTC): Updates headline and text with new information. UPDATE (Jun. 18, 11:56 UTC): Adds details from the Elliptic blog.
Economic Times
2 days ago
- Business
- Economic Times
Israel is not only bombing Iran, but hackers have also emptied Iran's largest exchange
Hackers, reportedly linked to Israel, have stolen approximately $81 million from Nobitex, Iran's largest cryptocurrency exchange. The group, Gonjeshke Darande, claimed responsibility, citing Iran's use of the platform to circumvent sanctions and fund terrorism. Nobitex has suspended operations and pledged to reimburse affected users, while the hackers threaten to leak sensitive data. Tired of too many ads? Remove Ads Hackers warning Tired of too many ads? Remove Ads FAQs Hackers linked to Israel have stolen money from Iran's biggest crypto exchange called Nobitex. Nobitex announced on X, June 18 that someone got into part of its system without permission and took money from their "hot wallet." The hackers only took money from some hot wallets, not from the "cold storage," so most users' assets are still safe, according to the report by said it will pay back all the affected users using its insurance fund and company resources. Because of the hack, Nobitex's website and app are currently down. A hacker group called Gonjeshke Darande , also known as Predatory Sparrow, said they did the attack. This group is linked to Israel, as per hackers threatened to leak Nobitex's secret computer code and internal info within 24 hours. The hackers said they attacked Nobitex because Iran uses it to break sanctions and "finance terror." This same group had earlier hacked data from Iran's Islamic Revolutionary Guard Corps bank called 'Bank Sepah', as stated by to reports, crypto expert ZachXBT wrote on Telegram that Nobitex lost about $81 million through suspicious transfers on Tron and Ethereum networks. The hacking group confirmed ZachXBT's $81 million theft claim in their next message. Iran uses cryptocurrency to fight Western economic sanctions that it calls 'terrorism.'Many Bitcoin traders like Iran because electricity is cheap, especially after China cracked down on has a lot of oil and gas but struggles to use global financial markets because of sanctions, as reported by $81 million was stolen, mostly from Ethereum and Tron wallets. (ZachXBT via Telegram)The group is called Gonjeshke Darande and is linked to Israel.
Time of India
2 days ago
- Business
- Time of India
Israel is not only bombing Iran, but hackers have also emptied Iran's largest exchange
Hackers linked to Israel have stolen money from Iran's biggest crypto exchange called Nobitex. Nobitex announced on X, June 18 that someone got into part of its system without permission and took money from their "hot wallet." The hackers only took money from some hot wallets, not from the "cold storage," so most users' assets are still safe, according to the report by TheStreet. Nobitex said it will pay back all the affected users using its insurance fund and company resources. Because of the hack, Nobitex's website and app are currently down. A hacker group called Gonjeshke Darande , also known as Predatory Sparrow, said they did the attack. This group is linked to Israel, as per reports. Hackers warning The hackers threatened to leak Nobitex's secret computer code and internal info within 24 hours. The hackers said they attacked Nobitex because Iran uses it to break sanctions and "finance terror." This same group had earlier hacked data from Iran's Islamic Revolutionary Guard Corps bank called 'Bank Sepah', as stated by TheStreet. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Top 5 Dividend Stocks for May 2025 Seeking Alpha Read Now Undo According to reports, crypto expert ZachXBT wrote on Telegram that Nobitex lost about $81 million through suspicious transfers on Tron and Ethereum networks. The hacking group confirmed ZachXBT's $81 million theft claim in their next message. Iran uses cryptocurrency to fight Western economic sanctions that it calls 'terrorism.' Many Bitcoin traders like Iran because electricity is cheap, especially after China cracked down on has a lot of oil and gas but struggles to use global financial markets because of sanctions, as reported by TheStreet. Live Events FAQs Q1. How much money was stolen from Nobitex? Around $81 million was stolen, mostly from Ethereum and Tron wallets. (ZachXBT via Telegram) Q2. Who are the hackers behind the Nobitex attack? The group is called Gonjeshke Darande and is linked to Israel.
Yahoo
06-06-2025
- Business
- Yahoo
Bitopro Confirms $11M Hack, Taiwan Crypto Exchange Says It Has Replenished Lost Funds
Taiwan-based crypto exchange BitoPro has confirmed to CoinDesk that it suffered a cyberattack on an old hot wallet in May, resulting in losses of over $11 million. The company said it immediately replenished the stolen funds and moved assets to new wallets to prevent further losses. The breach, which occurred on May 8 during a wallet system upgrade, was first flagged by blockchain sleuth ZachXBT. He revealed that the stolen funds were laundered through decentralized exchanges and privacy protocols before being deposited into Wasabi Wallet, a popular Bitcoin mixer. 'BitoPro recently experienced a cyberattack on an old hot wallet during a wallet system upgrade,' the exchange shared with CoinDesk. 'Upon detection, we quickly launched an emergency response, securing assets by moving them to new wallets and blocking the attacker.' The company emphasized that user assets were unaffected, with all deposits, withdrawals, and trading functions continuing as normal. 'BitoPro's virtual asset reserves are ample, and user assets remain completely unaffected,' a spokesperson added. The exchange said it is working with a third-party cybersecurity firm to investigate the hack and will soon publish new hot wallet addresses to improve transparency. It added that the majority of its assets are held in offline cold wallets to protect against similar incidents in the future. BitoPro, which is operated by BitoGroup, has served Taiwan's crypto market since 2018. It supports major cryptocurrencies paired with the Taiwanese dollar and processed over $20 million in trading volume in the past 24 hours, according to while retrieving data Sign in to access your portfolio Error while retrieving data Error while retrieving data Error while retrieving data Error while retrieving data
WIRED
05-06-2025
- Business
- WIRED
Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect
Jun 5, 2025 2:50 PM Crypto-tracing firm Chainalysis says the mysterious 300-bitcoin donation to the pardoned Silk Road creator appears to have come from someone associated with a different defunct black market: AlphaBay. Online marketplace Silk Road creator Ross Ulbricht speaks at The Bitcoin Conference at The Venetian Convention & Expo Center on May 29, 2025, in Las Vegas, Nevada. Photograph:When Ross Ulbricht received a $31 million bitcoin donation last weekend from an unknown source, many observers saw it as more than a very nice welcome-home gift. Rumors swirled that the creator of the Silk Road, less than five months after receiving a pardon from Donald Trump that saved him from a lifetime in prison, was sending himself a trove of his stashed criminal proceeds from his days running the dark web's first black market more than a decade prior. Now cryptocurrency tracing investigators say they've arrived at a stranger explanation: The money wasn't originally Ulbricht's, and didn't come from the Silk Road. Instead, they suspect it came from a different long-defunct dark web black market: AlphaBay. The crypto tracing firm Chainalysis tells WIRED that, based on blockchain analysis, it has tied the origin of the 300 bitcoins sent to Ulbricht on Sunday to someone involved in AlphaBay, a dark web market that sold a wide variety of drugs and cybercriminal contraband from 2014 to 2017 and eventually grew to be 10 times the size of the Silk Road, according to the FBI. Chainalysis says the funds appear to have emerged from AlphaBay around 2016 and 2017. Given the amount of the donation, Chainalysis suggests it might have come from someone who acted as a large-scale seller on the market. 'We have reasonable grounds to suspect that these funds originated in AlphaBay,' says Phil Larratt, Chainalysis's director of investigations and a former official at the UK's National Crime Agency. 'Looking at the amount, that would suggest they came from someone who was possibly a vendor on AlphaBay back in the early days.' WIRED reached out to Ulbricht for comment about the donation's origin via contacts at the Free Ross campaign that lobbied for his pardon, but didn't immediately receive a response. Prior to Chainalysis's finding that the $31 million donation appears to have originated at AlphaBay, the independent crypto tracing investigator known as ZachXBT had already posted to his account on X his own findings that the money didn't appear to have come from the Silk Road. ZachXBT found that, despite the donor's use of multiple Bitcoin 'mixers' that take in users' coins and return others to obfuscate their trail on the blockchain, he was able to trace the funds to an address that had been flagged in Chainalysis's software tool Reactor as tied to illicit activity. That analysis suggested that the money was a 'legitimate donation but not legitimate funds,' ZachXBT wrote in a text message to WIRED. ZachXBT also found that the same individual who controlled the funds had cashed out other cryptocurrency at an exchange in small, distributed quantities rather than in a single sum, suggesting he or she may have been trying to prevent them being seized or flagged—another sign that the money may have come from criminal origins. 'Usage of multiple mixers, spreading out CEX deposits, etc,' ZachXBT writes to WIRED, using the term CEX to mean a centralized exchange, 'that is done typically if you are trying to avoid getting illicit funds frozen.' Chainalysis declined to offer more information on how exactly it identified the funds as originating at AlphaBay. But the company has built a business around identifying illicit services like digital black markets out of the morass of billions of cryptocurrency addresses. Chainalysis' identification of the AlphaBay cluster of bitcoin addresses, in fact, played a key role in the takedown of the market in a law enforcement investigation known as Operation Bayonet that spanned 2016 and 2017. AlphaBay certainly produced plenty of crypto kingpins who would have the kind of eight-figure sum donated to Ulbricht. Before it was torn offline in an elaborate sting operation in July of 2017, the site was facilitating $2 million a day in sales, largely of illegal drugs although it also offered malware, stolen data, and other cybercriminal wares. AlphaBay's creator and administrator, Alexandre Cazes, died in a Bangkok jail cell under mysterious circumstances following his arrest, but the site's second-in-command, who went by the handle Desnake, appears to have remained at large. Any bitcoins an AlphaBay seller or administrator managed to hold onto since the site's closure would have since appreciated more than 40-fold. Exactly why one of AlphaBay's crypto moguls would donate $31 million to Ulbricht, however, remains a mystery. Speculation on social media has ranged from a fellow black marketeer repaying a favor to a more principled gift intended to thank Ulbricht for blazing a trail with his invention of the Silk Road's crypto-enabled anonymous transactions. That gratitude may also take into account that, while many got rich on the dark web markets that Ulbricht pioneered, he instead spent over a decade in prison, speculates Taylor Monahan, a crypto tracer and security researcher at crypto firm MetaMask. 'People donate when they're deeply inspired by someone and/or grateful and/or have some sort of remorse for the situation,' says Monahan. 'Survivor's guilt is wild.'
