Cryptocurrency Exchange Grinex Suspends Operations Following Alleged State-Sponsored Hack

A significant cyber attack has prompted Grinex, a digital currency exchange popular among Russian users seeking to circumvent sanctions, to halt its operations. The breach, which occurred on the platform's systems, resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, headquartered in Kyrgyzstan, revealed the incident through a statement on its website and Telegram channel, attributing the attack to state-backed entities from 'unfriendly nations' due to its sophisticated nature and coordination. This assessment is based on the digital evidence and characteristics of the attack, which suggest an unparalleled level of technological capabilities and resources typically available only to state-sponsored structures. According to preliminary findings, the primary objective of the attack was to directly compromise Russia's financial autonomy. Notably, Grinex had been sanctioned by the United States, the United Kingdom, and the European Union last year for its role in facilitating the circumvention of restrictions through a ruble-pegged stablecoin called A7A5. This token enabled cross-border transactions at a time when Russia's access to the Swift international banking network was suspended following its invasion of Ukraine. After being shut down, the platform re-emerged under the name Grinex. As a result of the current suspension, users are currently unable to access their funds while the company conducts an investigation. Furthermore, access to the company's Moscow office has been restricted. In response to the incident, Grinex has published a list detailing 54 affected wallet addresses and the corresponding amounts that were drained, with the majority being in the form of USDT on the TRON blockchain.