Grinex Exchange, Linked to Russia, Closes Operations Following $13 Million Cyber Attack

A prominent cryptocurrency exchange, Grinex, which was popular among Russian users seeking to circumvent sanctions, has suspended its operations after falling victim to a significant cyber attack. The breach, which resulted in the theft of approximately 1 billion rubles, equivalent to $13 million, was disclosed by the exchange on its official Telegram channel and website. According to Grinex, the attack demonstrated a high level of sophistication and coordination, suggesting the involvement of state-sponsored actors from 'hostile nations.' The exchange stated, 'The digital evidence and nature of the attack suggest an unprecedented level of resources and technology, typically available only to the structures of unfriendly states.' Preliminary data indicates that the attack was orchestrated to directly undermine Russia's financial sovereignty. Grinex, originally known as Garantex, was sanctioned by the US, UK, and EU last year for allegedly enabling users to bypass restrictions through a ruble-backed stablecoin called A7A5. This token facilitated cross-border transactions when Russia's access to the Swift inter-bank messaging system was suspended due to its invasion of Ukraine. Following the sanctions, the platform re-emerged as Grinex. The temporary halt in trading has left users unable to access their funds while the company conducts an investigation. Additionally, access to its Moscow office has been restricted. Grinex has released a list of 54 affected wallet addresses, along with the corresponding drained amounts, with most of the stolen funds being in the form of USDT on the TRON blockchain.