Iran Implements Curfew on Cryptocurrency Exchanges Following a Major $100 Million Security Breach

In response to a $100 million cyber heist, Iran's central bank has restricted the operational hours of cryptocurrency exchanges, a move that could significantly alter the landscape of digital asset regulation and national security. This policy not only aims to streamline incident management but also reflects larger geopolitical tensions, highlighting the complex interplay between government control and the burgeoning crypto economy.

Ivy Tran

June 19, 2025

Iran's central bank has implemented a controversial curfew on domestic cryptocurrency exchanges, allowing them to operate only between 10 am and 8 pm. This drastic measure follows the recent $100 million security breach of Nobitex, one of the country's largest exchanges, at the hands of a pro-Israel hacker group known as Gonjeshke Darande. The central bank's decision underscores a heightened sense of urgency and control in the wake of significant geopolitical tensions and cyber threats.

This new policy raises several critical issues about the intersection of national security, digital asset regulation, and user rights. On one hand, limiting operating hours might indeed simplify incident management, as stated by Andrew Fierman from Chainalysis. Troubleshooting security breaches during business hours could potentially streamline response efforts and mitigate risks more effectively. However, the real efficacy of this approach is debatable. After all, the digital nature of cryptocurrencies and the global distribution of threats mean that hackers are not constrained by time zones or local operating hours.

The measures taken by Iran's central bank also speak volumes about the pervasive issue of governmental control over digital assets. By confining exchange operations to specific hours, the government arguably tightens its grip on the crypto environment, possibly curbing unwanted capital flight and maintaining closer surveillance over cross-border transactions during peak hours. This reflects a broader trend where nations seek to balance the economic potentials of cryptocurrency against the need for regulatory oversight and national security.

Moreover, the burning of stolen tokens by the attackers is an unusual twist in this saga. Unlike typical financial motivations seen in other crypto hacks where ransom or resale drives the theft, this incident appears to be purely politically motivated-an effort to directly undermine the financial resources of the Iranian regime. Such actions not only complicate the recovery efforts but also introduce a new dimension to cybersecurity in the crypto space where political motivations can play a central role.

Finally, the saga at Nobitex showcases the ongoing challenges faced by exchanges worldwide-not just the technical aspects of maintaining secure operations but also navigating the intricate dance of compliance with local regulations and international pressures. In times of such vulnerability, services that ensure robust security measures, like Radom's on- and off-ramping solutions, become even more crucial. These solutions help mitigate risks by providing secure, compliant pathways for converting between crypto and fiat currencies.

While the curfew might provide a temporary measure of control, the broader implications for Iran's crypto ecosystem could be profound. It may discourage international cooperation and innovation while pushing users towards more decentralized, possibly less regulated platforms. Moving forward, exchanges and regulators alike must find a balance that protects against both external threats and overreach, ensuring that the digital asset space remains both vibrant and secure.

Sign up to Radom to get started