Hacker group Predatory Sparrows on Thursday made good on its threat a day earlier to publish the source code for Iran’s Nobitex cryptocurrency exchange.
The group, which often goes by its Farsi name, Gonjeshke Darande, accused Nobitex of being “at the heart of the regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool.”
“Time’s up – full source code linked below. ASSETS LEFT IN NOBITEX ARE NOW ENTIRELY OUT IN THE OPEN” the group, posted on its X account on Thursday.
On Wednesday, the group, thought to be linked to Israel, gave Nobitex exchange users 24 hours to withdraw assets. It also “burned” $90 million from Nobitex-held wallets, in what tech outlet Wired described as an unusual move.
“Most of the addresses where the hacked funds are currently held are vanity addresses, containing some variation of the term “F***IRGCterrorists” within their public key,” according to Elliptic, a British blockchain analytics firm headquartered in London.
By transferring the funds to these addresses, the group essentially rendered them permanently inaccessible.