Hacking group tied to Israel claims to have carried out cyberattack on Iranian cryptocurrency exchange company

A hacking group linked to Israel claims to have carried out a cyberattack on an Iranian cryptocurrency exchange company.

The group known as Gonjeshke Darande, or “predatory sparrow,” says it will “release Nobitex’s source code and internal information from their internal network” in 24 hours.

“Any assets that remain there after that point will be at risk!” the group says.

“The Nobitex exchange is at the heart of the regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool. Nobitex doesn’t even pretend to abide by sanctions. In fact, it publicly instructs users on how to use its infrastructure to bypass sanctions,” Gonjeshke Darande says in a post on X.

After the IRGC’s “Bank Sepah” comes the turn of Nobitex
WARNING!

In 24 hours, we will release Nobitex's source code and internal information from their internal network.
Any assets that remain there after that point will be at risk!

The Nobitex exchange is at the heart of the… pic.twitter.com/GFyBCPCFIE

— Gonjeshke Darande (@GonjeshkeDarand) June 18, 2025

Gonjeshke Darande yesterday claimed to have hacked Iran’s Bank Sepah. Reports indicated that the bank’s services were not unavailable after the hack.

In recent years, the group has claimed responsibility for several cyber attacks on Iran, including against gas stations and a steel factory.

Israel generally maintains a policy of ambiguity regarding its cyber operations against Iran, and does not disclose its responsibility for them.

“Bypassing sanctions doesn’t pay,” Gonjeshke Darande adds in a separate post, attaching screenshots purportedly showing seized crypto funds woth tens of millions of dollars.