The Algerian resource MenaDefense published data that raises concerns not only in Iran but also among all cryptocurrency traders, including Binance users. On June 18, 2025, the hacker group Gonjeshke Darande conducted a powerful attack on the Iranian cryptocurrency exchange Nobitex, withdrawing cryptocurrencies worth up to 90 million dollars from the platform.
Surprisingly, the goal of the hack was not personal enrichment. The stolen assets were transferred to secure wallets with anti-Iranian slogans. Essentially, it was a political action disguised as a hacking operation.
Analysts claim that the attack was orchestrated by Israeli intelligence with support from the U.S., as well as — interestingly — Ukrainian IT specialists recruited to develop and implement malware capable of breaching protections of Chinese and Iranian origin.
Before the attack on Nobitex, the same group incapacitated the Iranian bank Sepah, destroying data and disrupting banking systems. All of this is part of a broader strategy: a strike against the financial systems of states using cryptocurrency to circumvent Western sanctions.
🎯 Why did Nobitex become a target?
In the context of harsh sanctions, Iran actively uses cryptocurrency for foreign economic operations. Nobitex is the largest cryptocurrency exchange in the country, through which, according to Chainalysis, over 11 billion dollars in transactions have passed.
But not everything is so transparent: the platform, according to investigations, had connections with the Iranian authorities, as well as with organizations such as Hamas and the Houthis, which are under international sanctions.
In this context, the attack on Nobitex was not just a hack, but a targeted strike against a tool for circumventing sanctions, aimed at sending a signal to other participants in the 'shadow' cryptocurrency world. And it worked: trading volumes on the platform collapsed by 70%, and user trust was shaken.
🕵️♂️ What about Ukraine?
Interestingly, according to Wired, some of the malicious tools were provided by American structures to cyber groups in Kyiv, presumably for attacks on financial organizations in Europe related to Iran and China.
However, Ukrainian hackers reportedly used tools for their own purposes, attacking structures in the EU, including Hungary. This underscores the danger of handing over 'digital weapons' even to loyal subjects — they can go out of control and be used for unauthorized purposes.
💣 Binance — next?
Although Binance is an internationally regulated platform, it often becomes a target for both hackers and political players, especially due to its availability in sanctioned countries.
The situation with Nobitex shows how vulnerable even major platforms remain if they are involved in geopolitical processes.
Essentially, cryptocurrencies have become a new battlefield where states, hackers, and private companies engage in an unnoticed but destructive struggle.
🧩 A question for the crypto community
It becomes evident that cryptocurrency is no longer just a technology. It is a tool of global politics and economic warfare. And the main question is — how to protect oneself?
Trust only platforms with transparent structures and high cybersecurity.
Study the information about the origin and purpose of tokens.
Be prepared for a temporary abandonment of centralized platforms during systemic attacks.
Use cold wallets and multi-factor authentication.
Follow geopolitical news, especially those concerning sanctions and conflicts.
📍The story with Nobitex is not about Iran. It is a signal to the entire crypto world: 'Anonymity' and 'decentralization' do not protect against state interests.
We have entered an era where hackers are soldiers, and cryptocurrencies are weapons. The only question is which side of the front your wallet will end up on.
