CyberSecurity news

FlagThis - #israel

@www.elliptic.co //

Israel and Iran Cyber Conflict Intensifies Financial Targets

Cyber warfare between Israel and Iran has significantly escalated, marked by disruptions to financial systems and critical infrastructure. In response to recent cyberattacks, the Iranian government admitted to shutting down the internet to protect against further Israeli incursions. This near-total internet blackout has severely limited Iranians' access to information about the ongoing conflict and their ability to communicate with loved ones both inside and outside the country. The government cited hacks on Bank Sepah and the cryptocurrency exchange Nobitex as reasons for restricting internet access.

The cyberattacks included a major outage at Bank Sepah, where the attackers, a group called Predatory Sparrow, claimed to have deleted data, exfiltrated internal documents, and destroyed backups. Predatory Sparrow also claimed responsibility for draining over $90 million in cryptocurrency from Nobitex, Iran's largest crypto exchange, rendering the stolen funds inaccessible. The group, which purports to be pro-Israel hacktivists, has previously disrupted key services in Iran, such as gas stations and steel plants.

The U.S. cybersecurity groups have issued advisories warning that Iranian-affiliated threat actors may retaliate globally, targeting American companies in sectors like energy, finance, healthcare, and logistics. These alerts urge CISOs to elevate monitoring and reinforce incident response protocols due to the heightened geopolitical risk. The cyber conflict between Israel and Iran marks a significant turning point, with potential global implications for cybersecurity.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • techcrunch.com: NEW: Iran's government has now admitted that it took down the internet in the country, arguing that it did to protect against Israeli cyberattacks. I spoke to two Iranians who live abroad and can't communicate with their loved ones back home because of the blackout. "I haven’t heard from them in two days, but someone is supposed to update me. I hope everything is okay," Amir Rashidi told me.
  • SecureWorld News: As kinetic conflict continues to unfold between Israel and Iran, a parallel battle is raging in cyberspace—one that is disrupting financial systems, wiping out crypto holdings, hijacking broadcast channels, and even triggering a near-total internet shutdown. The escalation marks one of the most comprehensive campaigns of cyber warfare in recent memory.
  • securityaffairs.com: Iran experienced a near-total national internet blackout
  • techcrunch.com: Iran’s government says it shut down internet to protect against cyberattacks
  • infosec.exchange: NEW: Iran's government has now admitted that it took down the internet in the country, arguing that it did to protect against Israeli cyberattacks. I spoke to two Iranians who live abroad and can't communicate with their loved ones back home because of the blackout.
  • Web3 is Going Just Great: Israeli-linked hackers steal and destroy $90 million from Iranian Nobitex exchange
  • industrialcyber.co: Radware reports hybrid warfare as cyberattacks, disinformation escalate in 2025 Israel-Iran conflict
  • nsfocusglobal.com: The Hacktivist Cyber Attacks in the Iran-Israel Conflict
  • ThreatMon: Iran-Israel Cyber Conflict Analysis of Threat Actors
Classification:
Nicholas Kitonyi@NFTgators //

Pro-Israel Hackers Steal From Iranian Crypto Exchange

A pro-Israel hacking group, known as Predatory Sparrow, has claimed responsibility for a cyberattack against Nobitex, Iran’s largest cryptocurrency exchange. The attack resulted in the theft of approximately $90 million in various cryptocurrencies, including Bitcoin and Dogecoin, as well as over 100 other cryptocurrencies. According to blockchain analytics firm Elliptic, the funds were drained from the exchange’s wallets into blockchain addresses containing anti-government messages explicitly referencing Iran's Islamic Revolutionary Guard Corps (IRGC).

The attackers, instead of attempting to profit financially, intentionally destroyed the stolen cryptocurrency in what has been described as a symbolic political statement. The funds were sent to blockchain addresses with the phrase "F***iRGCTerrorists" embedded within them. Experts say that generating addresses with such specific terms requires significant computing power, suggesting the primary goal was to send a message rather than to gain financially. The incident underscores the rising geopolitical tensions between Israel and Iran and the vulnerability of cryptocurrency exchanges to politically motivated cyberattacks.

The cyberattack on Nobitex is part of a broader pattern of cyber warfare between Israel and Iran. While the physical conflict has seen airstrikes and other military actions, the digital realm has become another battleground, with potentially significant repercussions for both countries and the wider global community. This incident also follows reports of internet restrictions within Iran, limiting citizens' access to information and communication amidst escalating tensions. The global cybersecurity community needs to stay prepared for security repercussions for the two combatants and the wider global community as the cyberwarfare portion of the conflict is already spilling over off the battlefield and outside the region.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • Zack Whittaker: This article also discusses the attack against Nobitex, noting the financial losses and the involvement of a pro-Israel hacking group.
  • techcrunch.com: This news source provides information about the attack against Nobitex, mentioning the theft and destruction of cryptocurrency.
  • Metacurity: This article reports on the attack against Nobitex by the Predatory Sparrow group, highlighting the financial impact and geopolitical context of the event.
  • NFTgators: This news piece details the financial impact of the attack on Nobitex and the potential geopolitical implications.
  • WIRED: This article covers the same event with additional details about the actions of the attacker group and their motives.
  • aboutdfir.com: Pro-Israel hackers drained $90 million from Iran crypto exchange, analytics firm says
  • fortune.com: Pro-Israel group hacks Iranian crypto exchange for $90 million—but throws away the money
  • SecureWorld News: As kinetic conflict continues to unfold between Israel and Iran, a parallel battle is raging in cyberspace—one that is disrupting financial systems, wiping out crypto holdings, hijacking broadcast channels, and even triggering a near-total internet shutdown.
  • Web3 is Going Just Great: Israeli-linked hackers steal and destroy $90 million from Iranian Nobitex exchange The Iran-based Nobitex cryptocurrency exchange suffered a $90 million hack, and the attacker has also promised to imminently release data and source code from the platform.
  • www.elliptic.co: The Iran-based Nobitex cryptocurrency exchange suffered a $90 million hack, and the attacker has also promised to imminently release data and source code from the platform.
Classification:
  • HashTags: #CyberWarfare #Crypto #IranIsrael
  • Company: Iran Crypto Exchange
  • Target: Iran Crypto Exchange
  • Attacker: Predatory Sparrow
  • Product: Crypto Exchange
  • Type: Hack
  • Severity: Disaster
Ben Weiss@fortune.com //

Iran Crypto Exchange Hacked by Predatory Sparrow

A pro-Israel hacktivist group known as Predatory Sparrow has claimed responsibility for a cyberattack on Nobitex, Iran's largest cryptocurrency exchange. The attack resulted in the theft and destruction of approximately $90 million in cryptocurrency. The group stated that Nobitex was targeted for allegedly financing terrorism and evading international sanctions for the Iranian regime. This incident highlights the increasing cyber conflict between Israel and Iran, with hacktivist groups playing a significant role in disruptive operations.

The hackers reportedly sent the stolen funds to inaccessible blockchain addresses, effectively "burning" the cryptocurrency and taking it out of circulation. Blockchain analysis firm Elliptic confirmed the transfer of over $90 million to multiple vanity addresses containing variations of "F--kIRGCterrorists" within their public key. This symbolic act suggests the intention was to send a political message rather than financial gain. It has been noted that Nobitex has over 10 million customers, raising concerns about the potential impact of the breach.

The attack on Nobitex follows a recent claim by Predatory Sparrow of hacking Bank Sepah, another major Iranian financial institution. These cyberattacks come amid escalating tensions and exchanges of airstrikes between Israel and Iran. Cybersecurity experts warn of a growing digital conflict unfolding behind the scenes, with the potential for broader spillover effects. The situation emphasizes the vulnerability of cryptocurrency exchanges to sophisticated cyberattacks and the need for enhanced cybersecurity measures.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • infosec.exchange: LorenzoFB post on Infosec Exchange about the group claiming responsibility for Iranian Bank Hack.
  • techcrunch.com: TechCrunch article on pro-Israel hacktivist group claiming responsibility for Iranian bank hack
  • Risky Business Media: Risky Bulletin: Israel-linked hackers claim Iran bank disruption
  • techcrunch.com: Iran’s largest crypto exchange Nobitex said it was hacked and funds drained. Pro-Israel hacking group Predatory Sparrow claimed responsibility for the hack, which saw the group steal and destroy some $90 million in cryptocurrency from the Iranian exchange.
  • CyberScoop: Iran’s financial sector takes another hit as largest crypto exchange is targeted
  • fortune.com: The hackers, who call themselves Predatory Sparrow, sent the funds to likely inaccessible blockchain addresses, burning the cryptocurrency.
  • Zack Whittaker: Iran’s largest crypto exchange Nobitex said it was hacked and funds drained. Pro-Israel hacking group Predatory Sparrow claimed responsibility for the hack, which saw the group steal and destroy some $90 million in cryptocurrency from the Iranian exchange.
  • www.nftgators.com: Pro-Israeli Hacker Group Drains $90M from Iranian Crypto Exchange Nobitex
  • bsky.app: My latest for BBC Persian: 'Predatory Sparrow' hackers stole $90 million from Iranian cryptocurrency company to 'send a message'.
  • WIRED: Israel-Tied Predatory Sparrow Hackers Are Waging Cyberwar on Iran’s Financial System
  • NFTgators: Pro-Israeli Hacker Group Drains $90M from Iranian Crypto Exchange Nobitex.
  • Metacurity: Metacurity reports on the Predatory Sparrow group's activities, including the Nobitex attack and other Iranian targets.
  • Risky Business Media: Tom Uren and Patrick Gray talk about a Minnesota man who used people-search services to locate, stalk and eventually murder political targets. They also discuss purported hacktivist group Predatory Sparrow weighing in on the Iran-Israel conflict. It has attacked Iran’s financial system including a bank associated with the Iranian Revolutionary Guard Corp and also burnt USD$90 million worth of cryptocurrency from an Iranian exchange This episode is also available on Youtube.
  • aboutdfir.com: Pro-Israel hackers drain $90 million from Iran crypto exchange, analytics firm says  Iran’s largest cryptocurrency exchange, Nobitex, was hacked for more than $90 million Wednesday, according to blockchain analytics firm Elliptic.
  • SecureWorld News: Israel–Iran Conflict Escalates in Cyberspace: Banks and Crypto Hit, Internet Cut
  • www.metacurity.com: Israeli-linked hackers seized and burned $90 million from Iran's Nobitex exchange
  • aboutdfir.com: Pro-Israel hackers drain $90 million from Iran crypto exchange, analytics firm says 
  • The Hacker News: Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
  • CyberScoop: This article reports on the cyberattack claimed by Predatory Sparrow against Iran's Bank Sepah.
  • cyberriskleaders.com: This episode of Risky Business discusses the $90 million crypto hack of the Iranian exchange, Nobitex, and other recent cybersecurity incidents in the context of the Israeli-Iranian conflict. The hosts, Patrick Gray and Adam Boileau, are joined by special guest Chris Krebs to discuss various threat actor tactics and trends.
  • www.elliptic.co: The Israeli-linked Gonjeshke Darande hacking group claimed responsibility for the attack.
  • Industrial Cyber: Radware reports hybrid warfare as cyberattacks, disinformation escalate in 2025 Israel-Iran conflict
  • Web3 is Going Just Great: The Iran-based Nobitex cryptocurrency exchange suffered a $90 million hack, and the attacker has also promised to imminently release data and source code from the platform.
  • industrialcyber.co: Radware reports hybrid warfare as cyberattacks, disinformation escalate in 2025 Israel-Iran conflict
  • Risky Business Media: Russian hackers abuse app-specific passwords to bypass multi-factor, the tenth Salt Typhoon victim is identified, Predatory Sparrow destroys $90 million from an Iranian crypto-exchange, and Argentina arrests a Russian disinfo gang.
  • Risky Business Media: Between Two Nerds: The evil genius of Predatory Sparrow
Classification:

Posts

Blogs

Research Tools