The Central Bank of Iran ordered restricted working hours for local crypto platforms after the $100M Nobitex hack.
New rules limit Iranian crypto exchanges to operating only between 10:00 a.m. and 8:00 p.m.
The curfew came shortly after Nobitex confirmed the breach. Blockchain analysis firm Chainalysis cited reports that Iranian authorities moved quickly to control damage and monitor capital movements during rising tensions.
Andrew Fierman, head of national security intelligence at Chainalysis, said that events are easier to manage if they don’t happen at night.
He also noted that Iran’s regime might want to tighten control over cross-border transactions.
This is not the first time the Iranian central bank has interfered with exchange operations. In December 2024, it temporarily shut down crypto exchanges to stop the national currency, the Rial, from falling further in value.
Gonjeshke Darande Claims Nobitex Hack During Regional Tensions
Nobitex, Iran’s top exchange, reported a major security breach on the morning of June 19.
The stolen amount is estimated at over $100 million, including Bitcoin, Ether, Dogecoin, XRP, and Solana.
The pro-Israel hacking group Gonjeshke Darande claimed responsibility for the exploit. The group said it had breached Nobitex’s internal systems and drained its hot wallets.
The stolen crypto was sent to wallet addresses that cannot be accessed again, according to Chainalysis.
Fierman said this incident did not follow the usual pattern of financially motivated hacks. He pointed out that the stolen tokens were not transferred for profit but instead burned, meaning sent to dead addresses to make them permanently unusable.
The hack came just days after Israeli strikes inside Iran on June 13, part of an ongoing series of confrontations. These events may have influenced the timing of the Nobitex breach.
Nobitex Moves Assets to Cold Storage, Keeps Access Closed
Following the Nobitex hack, the exchange shut down external server access to prevent further loss. A statement posted to X confirmed the move:
“As part of Nobitex’s ongoing response to the recent security incident, we would like to inform our users that the situation is now under control.”
Though user access remains offline, the company said that its Nobitex Reserve Fund will cover the lost crypto.
Meanwhile, the team has moved remaining assets to cold storage to avoid further exposure. Hot wallets, connected to the internet, are now being emptied.
Nobitex said that internet restrictions and limited server access may delay the platform’s return. The team has not shared a timeline for when users can resume normal activity.
The platform stated it would continue to take steps to protect remaining user funds. No new security breach has been reported since the hot wallets were isolated.
Nobitex Handles Over $11B, Leads Iranian Crypto Market
Data from Chainalysis shows Nobitex received more than $11 billion in crypto inflows. This is higher than the combined volume of the next ten Iranian crypto exchanges, which reached under $7.5 billion.
The platform plays a key role in Iran’s crypto market. It connects local users to global markets and operates under sanctions that cut off traditional financial access.
Chainalysis reported that some wallets linked to Nobitex had connections to entities under Western sanctions.
These included Houthi rebels in Yemen, a pro-al-Qaeda propaganda channel, and Russian crypto platforms Bitpapa and Garantex.
These ties place Nobitex at the center of a complex crypto network. The hack has not only disrupted Iran’s largest exchange but also raised concerns about how crypto flows through restricted financial ecosystems.
Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
