Grinex Exchange Suspends Activities Following $13 Million Cyber Attack Allegedly Backed by State Actors

A prominent cryptocurrency exchange, Grinex, which was popular among Russian users seeking to circumvent sanctions, has halted its operations after being targeted by a sophisticated cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which is headquartered in Kyrgyzstan, announced the breach via its Telegram channel and an official statement on its website, attributing the attack to state-sponsored actors from 'hostile nations' due to the high level of coordination and technical expertise involved. According to Grinex, preliminary data suggests that the attack was deliberately orchestrated to undermine Russia's financial independence. The exchange had previously been sanctioned by the US, UK, and EU for its role in enabling users to bypass restrictions through the use of a ruble-backed stablecoin called A7A5, which facilitated cross-border transactions after Russia's access to the Swift inter-bank messaging system was severed following its invasion of Ukraine. Following the sanctions, the platform re-emerged as Grinex. The suspension of trading activities has left users unable to access their funds while the company conducts an investigation, and access to its Moscow office has also been restricted. Grinex has released a list of 54 affected wallet addresses and the corresponding amounts that were drained, with the majority being in the form of USDT on the TRON blockchain.