Snapback triggered to block Iranian atomic bomb, German FM says

“We know senior officials and commanders did not carry phones, but their interlocutors, security guards and drivers had phones, they did not take precautions seriously and this is how most of them were traced,” the report said citing Iran's former deputy vice-president Sasan Karimi.

An Israeli defense official told the paper: “Using so many bodyguards is a weakness that we imposed on them, and we were able to take advantage of that.”

The tactic enabled Israeli warplanes on June 16 to strike a bunker in western Tehran where President Masoud Pezeshkian, the heads of the judiciary and intelligence ministry, and senior commanders were holding an emergency security meeting, the report added.

Earlier this month, the chief of staff to Iran's president said Israel’s attack on a Supreme National Security Council (SNSC) meeting on June 16 was a targeted attempt to kill Masoud Pezeshkian, who escaped with a minor injury.

Israel targeted the building’s entrances and exit points with six bombs to block escape routes and cut off airflow, Revolutionary Guards affiliated Fars News reported last month.

• 

  What we know about alleged Israeli strike on Iran's National Security Council

None of the leaders were killed, but several guards died outside, according to The Times.

Bodyguards had long been excluded from strict phone bans imposed on top commanders, even after earlier assassinations of nuclear scientists and military figures, The New York Times reported.

Lapse now addressed

That lapse has since been addressed, with guards now restricted to carrying only walkie-talkies, the report said.

The strikes formed part of a broader Israeli campaign that killed at least 30 senior commanders and more than a dozen nuclear scientists during the war’s first week.

Iranian officials later said dozens of suspects from the military and government had been arrested or placed under house arrest on suspicion of spying for Israel.

President Pezeshkian, who was lightly injured in the attack, later told clerics: “There was only one hole, and we saw there was air coming and we said, we won’t suffocate. Life hinges on one second.”

He added that if the leadership had been killed, “people would have lost hope.”

Withdrawal from the Nuclear Non-Proliferation Treaty (NPT) and halting cooperation with the International Atomic Energy Agency are options available to the Islamic Republic in response to Europe's activation of the snapback mechanism, said Vahid Ahmadi, a member of parliament’s National Security Committee on Saturday.

Ali Akbar Salehi, the former head of Iran’s Atomic Energy Organization said on Friday that parliament cannot independently decide on such measures, and initiatives like withdrawing from the NPT would require the explicit approval of Supreme Leader Ali Khamenei.

The announcement was made by Mahdi al-Mashat, head of the group’s Supreme Political Council.

According to the Houthis, al-Rahawi and his colleagues were holding a cabinet meeting when the strike took place.

Al-Rahawi had served as prime minister since 2024, though his role was seen largely as administrative. The council announced that Mohamed Ahmad Moftah has been appointed as acting prime minister.

The Israeli military said on Friday that its air force carried out a broad operation against Houthi positions in Sanaa, targeting senior political and military leaders.

Israel’s Channel 12 reported the strike likely killed the entire Houthi cabinet, including al-Rahawi and up to 12 ministers.

The fresh airstrikes came after the Israeli military concluded that the Houthis had used cluster munitions in one of their ballistic missile attacks on the Jewish State.

Houthis ready to fight back

After confirming the deaths of the group’s senior officials, the Houthi defense minister announced that the Houthis are ready to confront Israel.

The Houthis have been launching attacks on international shipping in the Red Sea, the Bab al-Mandab strait, and the Gulf of Aden since the outbreak of the Gaza war. Their operations, which have also extended into the Indian Ocean, have repeatedly disrupted maritime security.

The group has also launched missiles and drones toward Israel, framing its attacks as support for Palestinians. While the United States says it recently secured a halt to Houthi strikes on American vessels, the Houthis have said the truce does not apply to Israel and vowed to continue their attacks.

"The 30-day deadline has started and this does not mark the end of diplomacy," EU Foreign Policy Chief Kaja Kallas told reporters on Saturday, after France, Britain and Germany triggered the "snapback" mechanism that will reimpose UN sanctions on Iran.

"Tehran still has the chance to fully cooperate with the International Atomic Energy Agency and resume negotiations with the US over its nuclear program. And the ball is in Tehran's court."

"So I stand ready to support any kind of diplomatic efforts towards finding a solution," she added.

The Western-sanctioned Nobitex exchange was hit on June 18 by the hacking group Predatory Sparrow and $90 million dollars in its currency was destroyed, according to independent monitors. Nobitex has denied any military or government connections.

Hackers analyzed the stolen data and identified assets, networks, and transactions linked to Iranian officials, distinguishing them from those of civilians and ordinary users, the source said.

Nobitex announced after the attack that losses were limited to hot wallets only. However, a source told Iran International that both hot and cold wallets had been affected.

Hot wallets are internet-connected digital wallets designed for quick transactions but vulnerable to hacks. Cold wallets—offline hardware devices or paper keys—offer higher security but are slower and less convenient for daily use.

Determining whether destroyed assets were in hot or cold wallets can be done by examining transaction patterns and blockchain data tagged by analysis firms.

The United States sanctioned Nobitex in September 2022, followed by Canada in December 2022 and New Zealand in 2023, citing the exchange’s role in arms cooperation with Russia and drone transfers in the Ukraine war.

While the released data suggested extensive sanctions-evasion activities, the Nobitex team insisted it is merely a startup and denied any illegal conduct.

During the June conflict, Israel-linked hackers launched some of the most disruptive cyberattacks of the campaign.

The Predatory Sparrow claimed responsibility for destroying $90mn from Iran’s Nobitex cryptocurrency exchange and crippling services at Bank Sepah and Bank Pasargad by disabling their main and backup data centers.

“During the Nobitex hack, the asset withdrawals specifically occurred from high-frequency addresses, typically associated with hot wallets, and were transferred to burn addresses,” Mehdi Saremi Far, a science and technology journalist, told Iran International.

Iran’s cryptocurrency market is estimated at $5–12 billion, with Nobitex handling about 87% of its transaction volume.

TRM Labs, which specializes in detecting and disrupting blockchain-based illicit activity such as ransomware and money laundering, announced in July that Nobitex was not only used for illicit activities but also served as a surveillance tool.

“The Nobitex breach showed that the exchange’s internal infrastructure was designed to evade detection by the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) and US-based blockchain intelligence firms. This included modules for generating stealth addresses, obfuscating transactions, and evading surveillance,” TRM Labs said.