Grinex Exchange Suspends Operations Following Alleged State-Sponsored Hack Worth $13 Million

A prominent cryptocurrency exchange, Grinex, has halted its operations after claiming to have fallen victim to a sophisticated cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which has been a popular platform for Russians seeking to circumvent sanctions, announced the breach on its official Telegram channel and website. According to Grinex, the nature and scale of the attack suggest the involvement of state-backed actors from hostile nations. In a statement, Grinex noted that the digital evidence and characteristics of the attack point to an unprecedented level of technological expertise and resources, typically available only to state-sponsored entities. The exchange believes that the attack was deliberately designed to undermine Russia's financial autonomy. Grinex, which was previously known as Garantex, has been the subject of sanctions imposed by the US, UK, and EU. The exchange was accused of facilitating the circumvention of restrictions by allowing users to transfer funds using a ruble-backed stablecoin called A7A5. This token enabled cross-border transactions even after Russia's access to the Swift inter-bank messaging system was suspended following its invasion of Ukraine. After being shut down, the platform re-emerged under the name Grinex. As a result of the suspension, users are currently unable to access their funds while the company conducts an investigation. Additionally, access to Grinex's Moscow office has been restricted. The exchange has published a list of 54 affected wallet addresses, along with the corresponding amounts that were drained, with the majority of the stolen funds being in the form of USDT on the TRON blockchain.