Grinex Exchange Suspends Operations Following Alleged State-Sponsored Hack Worth $13 Million

A prominent cryptocurrency exchange, Grinex, has halted all operations after reporting a significant cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which has been linked to Russian users seeking to circumvent sanctions, announced the breach via its Telegram channel and official website. According to Grinex, the sophisticated nature of the attack suggests the involvement of state-sponsored actors from 'hostile nations.' The exchange stated, 'The digital trail and characteristics of the attack imply an unprecedented level of resources and technological capabilities, typically available only to the structures of unfriendly states.' Preliminary findings indicate that the attack was orchestrated to directly impact Russia's financial independence. Grinex, formerly known as Garantex, was itself subject to sanctions imposed by the US, UK, and EU last year, with officials in Washington accusing the platform of facilitating the circumvention of restrictions through a ruble-backed stablecoin called A7A5. This token enabled cross-border transactions after Russia's access to the Swift inter-bank messaging system was severed due to its invasion of Ukraine. Following the initial shutdown, the platform re-emerged as Grinex. The temporary suspension of trading activities has left users unable to access their funds while the company conducts an investigation. Additionally, access to Grinex's Moscow office has been restricted. The exchange has released a list of 54 affected wallet addresses, along with the corresponding amounts that were drained, with the majority being in the form of USDT on the TRON blockchain.