CoinEx has rejected claims that it helped Iranian state-linked entities move funds through its crypto exchange after a Wall Street Journal report cited $3.84 billion in Iran-linked transactions since 2019.
The exchange said it had “never established any commercial relationship” with Iranian government-related entities, Iranian domestic exchanges, the Revolutionary Guard, or sanctioned parties. CoinEx said it does not have an office or operating entity in Iran.
CoinEx also said its official domain had been blocked in Iran since 2021 after it was blacklisted by the Iranian government. The exchange said that fact shows it was not a platform backed or recognized by Iranian authorities.
The company said some users promoted CoinEx through its global referral program, but it denied organizing Iran-focused promotion. It said ordinary user activity should not be treated as proof of state-level sanctions evasion.
The WSJ report said investigators traced unusual transactions from two wallets controlled by Iran’s central bank. It also said further tracing showed links to funds stolen from Bybit by North Korean hackers.
CoinEx said the report relied too heavily on on-chain interpretation. The exchange said blockchain transactions are open and traceable, but funds passing through a platform do not prove that the platform knew about, supported, or joined the related activity.
The company also challenged the reported aggregate amount. It said combining two-way fund flows into one number and presenting it as funds “processed” by CoinEx was misleading.
CoinEx said third-party blockchain analytics platforms can reach different results. It added that on-chain attribution has limits and depends on how analysts interpret wallet links and transaction paths.
CoinEx also addressed the Bybit theft cited in the WSJ report. It said it helped Bybit block accounts and freeze assets after learning about the incident. CoinEx said it would conduct an internal review of the transactions mentioned in the report.
WSJ said investigators linked the Iranian central bank wallet trail to assets stolen from Bybit by North Korean hackers. The Bybit hack remains one of the largest crypto thefts reported by the industry.
In a previous article, crypto.news discussed how the Bybit hacker laundered more than half of the stolen Ethereum in less than a week, mainly through THORChain swaps. That activity kept attention on cross-platform money movement after large thefts.
CoinEx said it had also been a hacking victim in 2023, when North Korea-linked actors were reported to have stolen funds from the exchange. In another previous article, crypto.news discussed CoinEx’s plan to resume services after the $70 million Lazarus-linked hack.
CoinEx said it started a full review and exit process for Iran-related risk exposure after sanctions against Iranian domestic exchanges. The exchange said it strengthened checks for Iranian users, blocked registrations from Iranian regions, and started compliance off-boarding for identified accounts.
It also said it expanded geo-fencing, access restrictions, KYT monitoring, sanctions screening, and transaction freezes for high-risk activity. CoinEx said it would restrict or freeze accounts and assets tied to any sanctioned entity or person.
The response comes during a broader U.S. sanctions push against Iranian crypto activity. As previously reported, the U.S. Treasury sanctioned Nobitex, Wallex, Bitpin, and Ramzinex, accusing them of helping sanctioned entities access digital asset markets.
Treasury said Nobitex processed more than 50% of Iranian digital asset inflows in 2025. It also accused the exchange of helping Iranian regime insiders access international platforms and move funds across jurisdictions.
CoinEx said it will keep investing in KYC, AML, sanctions screening, and on-chain risk monitoring. The exchange also said it would respond to concerns from users, partners, and authorities.


