[UPDATE] Follow-Up on Critical Zero-Day Exploit in NOBITEX (nobitex.ir)
by Anomadeut17 - 31-08-25, 07:03 PM
#1
Hello all,
This is a follow-up and update to our initial announcement regarding the zero-day SMTP exploit affecting NOBITEX (nobitex.ir).
After several days of direct exchanges with the NOBITEX team, it has become clear that they do not take seriously the security of their customers or the integrity of their infrastructure. Our first intention was never to sell this finding but to engage in constructive communication with them. Unfortunately, the outcome of these discussions proves that they simply do not care about addressing their weaknesses.
We have also seen the recent public statements from CEO Amir Rad on X and posts from @hadispa, where they attempt to downplay and deny the existence of this critical issue. By doing so, they are exposing their entire customer base to a massive risk.
Therefore, as proof of authenticity, we decided to release demonstration material. You will find attached videos available for download at the following link:
https://limewire.com/d/Z9WaA#N4687kohJo
These videos clearly show how the vulnerability can be exploited, how attackers can impersonate NOBITEX, and how easy it would be to steal assets from unsuspecting users.
Key Facts:
  • This attack allows full trust abuse of the NOBITEX domain.
  • Customers can be tricked into sharing credentials or authorizing transactions.
  • The exploit bypasses all basic controls and remains unpatched.
  • We also hold a dataset of 50,000+ customer email addresses, making large-scale targeting straightforward.
At this point, we want to make it clear that our selling process is on hold, because our original intention was to help NOBITEX fix their issue. However, if they continue to deny and ignore this matter despite undeniable proof, we may have no choice but to proceed further.
We hope we will not be forced to escalate to Step 3, but the next hours will be decisive. Let’s see how NOBITEX reacts after this public demonstration of evidence.
#2
LOL, how does it work?