Grinex Exchange Suspends Operations Following $13 Million Cyber Attack Allegedly Backed by State Actors

A prominent cryptocurrency exchange, Grinex, has temporarily ceased operations after falling victim to a sophisticated cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which was formerly known as Garantex and is based in Kyrgyzstan, made the announcement via its Telegram channel and official website. According to Grinex, the nature and scale of the attack suggest the involvement of state-sponsored entities from 'hostile' nations. The exchange's statement noted that 'the digital traces and characteristics of the attack indicate an unprecedented level of resources and technological capabilities, typically available only to the structures of unfriendly states.' It further alleged that the attack was orchestrated with the intention of directly undermining Russia's financial autonomy. Grinex had been sanctioned by the US, UK, and EU last year for allegedly facilitating the circumvention of restrictions through a ruble-backed stablecoin called A7A5. This stablecoin enabled cross-border transactions after Russia's access to the Swift inter-bank messaging system was suspended following its invasion of Ukraine. After being taken down, the platform re-emerged under the name Grinex. The trading halt has left users without access to their funds while the company conducts an investigation. Additionally, access to Grinex's Moscow office has been restricted. The exchange has released a list of 54 affected wallet addresses, along with the corresponding amounts that were drained, with the majority being in the form of USDT on the TRON blockchain.