Updated Jun 19, 2025, 1:04\u202fp.m. <\/span>Published Jun 19, 2025, 10:34\u202fa.m. <\/span><\/p>\n<\/div>\n The pro-Israel hacker collective Gonjeshke Darande released the full source code of Iranian crypto exchange Nobitex, just a day after orchestrating a $100 million exploit<\/a> across multiple blockchains as the war between the two countries nears the end of its first week.<\/p>\n The move raised fresh concerns for users who have not yet withdrawn their assets from the platform because the code makes it extremely easy for nefarious actors to access and exploit.<\/p>\n Israel attacked military and nuclear sites in Iran<\/a> on Friday saying it had to take action to prevent its enemy, which has vowed to wipe the Jewish state off the map, attaining nuclear weapons. Iran responded with ballistic missile launches<\/a> targeting the entire country, sending millions into shelters at short notice.<\/p>\n In an X post on Thursday, the hacker group, whose name is Farsi for Predatory Sparrow, wrote: \u201cTime\u2019s up \u2013 full source code linked below. ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN.\u201d<\/p>\n Time’s up – full source code linked below.<\/p>\n ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN. But before that, lets meet Nobitex from the inside:<\/p>\n Exchange Deployment (1\/8) pic.twitter.com\/jiMfBpNXwd<\/a><\/p>\n<\/div>\n \u2014 Gonjeshke Darande (@GonjeshkeDarand) June 19, 2025<\/a><\/p><\/blockquote><\/div>\n The leak included blockchain scripts, internal privacy settings and a list of servers, effectively dismantling the exchange\u2019s back-end security.<\/p>\n The source code dump follows through on threats issued a day earlier, when Gonjeshke Darande claimed responsibility for the hack and promised to release internal data.<\/p>\n The group accused Nobitex of aiding Iran in circumventing international sanctions and called the platform the \u201cregime\u2019s favorite sanctions violation tool.\u201d<\/p>\n Over $90 million in tokens from Bitcoin, EVM, Ripple, Dogecoin, Solana and other networks were deliberately sent to burner addresses, making recovery unlikely.<\/p>\n Blockchain data shows that funds were moved to provocatively named wallets, such as \u201c1FuckiRGCTerroristsNoBiTEXXXaAovLX\u201d and \u201cDFuckiRGCTerroristsNoBiTEXXXWLW65t,\u201d suggesting the use of brute-force-generated vanity addresses that the attackers do not hold private keys for. The IRCG, or Islamic Revolutionary Guard Corps<\/a>, is an powerful and influential branch of the Iranian military.<\/p>\n Nobitex responded on Thursday, stating that no additional losses occurred after the leak and that it plans to begin restoring services within five days, although ongoing internet disruptions in Iran may delay the recovery.<\/p>\n<\/div>\n![\"bitcoins](\"http:\/\/www.coindesk.com\/_next\/image?url=%2F_next%2Fstatic%2Fmedia%2Fcoindesk-logo.68661da3.png&w=384&q=75&dpl=dpl_4SiNM1yfThgaDeRnmqHpgfnCE5JW\"){kind=logo}
<\/a><\/p>\n<\/div>\n<\/header>\nBitcoins The pro-Israel group Gonjeshke Darande follows through on its threats, publishing the full exchange code and security files, thereby placing the remaining Nobitex assets at risk.<\/h2>\n
![\"bitcoins](\"http:\/\/www.coindesk.com\/_next\/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2F8f48b5546dc438c0a126363acee73ba576ac3b1b-1024x768.jpg%3Fauto%3Dformat&w=3840&q=75\")
<\/p>\nWhat to know: <\/h4>\n
\n
\n
\u0628\u0627\u0632\u0645\u0627\u0646\u062f\u0647 \u062f\u0627\u0631\u0627\u06cc\u06cc \u0647\u0627\u06cc \u0634\u0645\u0627 \u062f\u0631 \u0646\u0648\u0628\u06cc\u062a\u06a9\u0633 \u0647\u0645 \u0627\u06a9\u0646\u0648\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062f\u06cc\u062f \u0648 \u062e\u0637\u0631 \u0647\u0633\u062a\u0646\u062f<\/p>\n