Loss of approximately 100 million USD!

Written by: Beosin

On June 18, Iran's largest cryptocurrency exchange, Nobitex, announced that it had suffered a hacker attack, resulting in a loss of approximately 100 million USD, involving various cryptocurrencies such as BTC, ETH, Doge, XRP, SOL, TRX, and Ton. A pro-Israel organization named "Gonjeshke Darande" has claimed responsibility for the attack, characterizing it as a strike against Iran's cryptocurrency infrastructure. The Beosin security team promptly analyzed the incident and tracked the funds, sharing the results as follows:

Flow of Stolen Funds

This attack involved multiple blockchain networks. Through Beosin Trace analysis, the following attacker addresses have been confirmed:

TRON Network: TKFuckiRGCTerroristsNoBiTEXy2r7mNX

Ethereum Network: 0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead

BTC Network: 1FuckiRGCTerroristsNoBiTEXXXaAovLX

Solana Network: FuckiRGCTerroristsNoBiTEXXXXXXXXXXXXXXXXXXX

Ripple Network: rFuckiRGCTerroristsNoBiTEXypBrmUM

TON Network: UQABFuckIRGCTerroristsNOBITEX1111111111111111_jT

Harmony Network: one19fuckterr0rfuckterr0rfuckterr0rxn7kj7u

Dogecoin Network: DFuckiRGCTerroristsNoBiTEXXXWLW65t

Among them, the TRON network lost 23,531 TRX and 49,439,310 USDT, totaling approximately 49.45 million USD. The fund flow chart is shown below:

Beosin Trace Fund Flow Chart

The Ethereum network lost 939,556 USDT, 262.87 ETH, and various tokens from the Ethereum ecosystem (UNI, AXS, PEPE, MASK, MEME, AAVE, etc.), totaling approximately 8.2 million USD. Below are the main stolen asset flows on the Ethereum network:

Beosin Trace Fund Flow Chart

The Bitcoin network lost 18.47 BTC, amounting to approximately 1.93 million USD. Below is the fund flow of the stolen BTC:

Beosin Trace Fund Flow Chart

The Ripple network lost 373,852 XRP, amounting to approximately 800,000 USD:

Beosin Trace Fund Flow Chart

The Solana network lost 173 SOL, 336,067 WIF, and 31,954 RENDER, totaling approximately 400,000 USD:

Beosin KYT Fund Flow Chart

The Dogecoin network lost 39,409,954 Doge, amounting to approximately 6.7 million USD, while the Harmony and TON networks collectively lost about 400,000 USD. Further addresses related to the attackers are still under investigation and confirmation. Beosin Trace and KYT have added the confirmed attacker addresses to the blacklist and will continue to track them.

Nobitex's Response

After the attack, Nobitex immediately issued a public statement indicating that most of the exchange's cryptocurrency assets are still stored in secure cold wallets and were unaffected. Additionally, Nobitex has taken measures to isolate the attacked systems and enhance its security posture to reduce the risk of similar attacks in the future.

According to media reports, due to this attack, the Central Bank of Iran has instructed all domestic cryptocurrency exchanges to limit their operating hours from 10 AM to 8 PM and to implement stricter regulatory measures on relevant exchanges.

Summary

Nobitex is not only Iran's largest cryptocurrency exchange but also a key hub in Iran's heavily sanctioned cryptocurrency ecosystem, providing access to the global market for users who cannot access traditional finance. This attack highlights the inherent conflict between the borderless nature of cryptocurrencies and national geopolitics, and it further underscores the urgent need for ongoing blockchain intelligence and on-chain and off-chain risk analysis in the cryptocurrency ecosystem.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。