4 hours ago
1
The Iranian crypto exchange’s wallets were exploited for at least $73 million as attackers used vanity addresses for the theft.
Iran-based cryptocurrency exchange Nobitex appears to have been exploited for over $73 million of digital assets, according to onchain investigator ZachXBT.
The attack, disclosed in a June 18 Telegram post, allegedly drained at least $73 million in assets across the Tron network and Ethereum Virtual Machine (EVM)-compatible blockchains, though only a portion is confirmed lost.
ZachXBT spotted attackers using a “vanity address” to exploit the protocol, which resulted in “suspicious outflows” from multiple Nobitex-linked wallets.
A vanity address refers to a public wallet address with a specific, user-defined sequence of characters. The first $49 million was stolen through the address “TKFuckiRGCTerroristsNoBiTEXy2r7mNX.” The second address used was “0xffFFfFFffFFffFfFffFFfFfFfFFFFfFfFFFFDead,” according to Tronscan.
Attacker wallet “KFucki.” Source: TronscanRelated: Coinbase data leak could put users in physical danger: TechCrunch founder
The breach adds to a growing list of crypto industry hacks in 2025. More than $2.1 billion in digital assets have been stolen so far this year, according to blockchain security firm CertiK.
Source: CertiKHackers have also switched from exploiting blockchain infrastructure to profiting from weaknesses in human behavior, according to Ronghui Gu, the co-founder of CertiK.
“The majority of this $2.1 billion was caused by wallet compromises, key mismanagement and operational issues,” Gu told Cointelegraph during the Chain Reaction daily X spaces show on June 2.
Social engineering schemes like address poisoning don’t require any hacking. Instead, attackers trick victims into sending assets to fraudulent wallet addresses.
Related: Staked Ethereum hits 35M ETH high as liquid supply declines
This is a developing story, and further information will be added as it becomes available.
English (US) ·