Grinex Exchange Suspends Operations Following $13 Million Cyber Attack Allegedly Backed by State Actors

A prominent cryptocurrency exchange, Grinex, has halted all operations after falling victim to a sophisticated cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which has been a popular platform for Russian users seeking to circumvent sanctions, disclosed the breach via its Telegram channel and official website. According to Grinex, the nature and scope of the attack suggest the involvement of state-sponsored actors from 'hostile nations', with the exchange stating that 'the digital footprint and characteristics of the attack indicate an unprecedented level of resources and technology, typically available only to the structures of unfriendly states.' The attack is believed to have been orchestrated with the intention of directly undermining Russia's financial autonomy. Grinex, originally known as Garantex, was sanctioned by the US, UK, and EU last year for its role in enabling users to bypass restrictions through a ruble-backed stablecoin called A7A5. This token facilitated cross-border transactions after Russia's access to the Swift inter-bank messaging system was severed following its invasion of Ukraine. Following the sanctions, the platform re-emerged as Grinex. The temporary suspension of trading activities has left users unable to access their funds, while the company conducts an investigation. Additionally, access to Grinex's Moscow office has been restricted. The exchange has released a list of 54 affected wallet addresses, along with the corresponding amounts that were drained, with the majority of the stolen funds being in the form of USDT on the TRON blockchain.