- The hacking group Gonjeshke darande leaked sensitive user data.
- The Israeli authorities arrested three citizens who monitored Iran.
- Nobitex transactions in the past show signs of money laundry.
Nobitex hacking is expanding beyond missing funds.
The $ 90 million violation of Iran’s largest cryptocurrency exchange on June 18 is now related to potential spy events related to Israel and Iranian agents.
According to the Blockchain Intelligence company TRM Labs, on June 24, Israeli citizens were arrested for watching Iran, and hacking may have played an important role in exposure.
The suspect between 19 and 28 years of age was believed to have been employed by Iranian handler and is known to be paid as a cryptocurrency.
Their mission included military site photos, pro-Iran graffiti tags, high-ranking movement tracking, and surveillance data collection.
Israeli authorities argue that some encryption transactions related to the suspect can be tracked and may have been identified by using data leaked from Nobitex.
Gonjeshke darande claims responsibility for violations
Attacks on Nobitex were carried out by the pre-Israeli hacking group Gonjeshke darande.
The group, known to be aimed at the Iranian connection infrastructure, participated in cyber operation, which was previously available for intelligence purposes.
Since the violation of June 18, Nobitex’s internal system has been damaged and more than $ 90 million digital assets have been drained.
Since then, the attacker leaks sensitive data, including potential wallet details, and knows customer (KYC) records and internal communication.
This leak is published in one day after hacking, suggesting a high level of access and adjustment.
Although there is no direct connection between the NOBITEX violation and the arrest, TRM Labs pointed out that the data leaked from the exchange could help the Israeli authorities identify related user data connected to cryptocurrency and spy cases.
Payment of encryption, tracking and proceeding on chain
According to TRM Labs, the arrested individual received thousands of dollars in cryptocurrency in return for performing intelligence.
These payments were delivered through the anonymization system, but eventually tracked using blockchain analysis.
The encryption transmission has formed an important part of the evidence used in the investigation.
At the same time, investigators found suspicious historical funds in Nobitex.
This included structured transactions designed to bypass detection and illegal activities to connect to the designated wallet.
Exchange’s exposure has raised questions about Nobitex’s internal control and compliance practices.
According to TRM analysis, the same infrastructure used to receive payment during hacking may have been exposed.
This suggests that the outcome of the violation has expanded beyond financial losses to the national security area.
NOBITEX is facing an investigation into past transmission.
As the investigation into violations intensifies, analysts show some of NobiteX’s past transactions with potential relationships.
The funds are consistent with the known tactics used by the threats to cover their origins to cover their origins through various wallets and exchanges.
The exchange has not announced a detailed failure of the loss or leaked data, but the rapid appearance of evidence supporting the arrest of Israel suggests that Gonjeshke darande may have aimed at more than a simple user balance.
This work may have been designed to expose the hidden relationship between the Iranian national password channel and the individual operated abroad.
The double impact of the attack (financial damage and intelligence exposure) is attracting new interest in the vulnerability of the cryptocurrency exchange in a designated areas.
Nobitex is now at the center of doubts about cyber crimes, spies and sanctions.