Grinex Exchange Suspends Activities Following $13 Million Cyber Attack Allegedly Backed by State Actors

A prominent cryptocurrency exchange, Grinex, which has been a conduit for Russians seeking to circumvent sanctions, has temporarily ceased operations. This move comes after the platform fell victim to a substantial cyber attack, resulting in the loss of approximately 1 billion rubles, equivalent to $13 million. The exchange, initially known as Garantex and based in Kyrgyzstan, announced the breach via its Telegram channel and an official statement on its website. According to Grinex, the sophistication and coordination of the attack suggest the involvement of state-backed entities from nations deemed 'unfriendly'. The statement from Grinex notes, 'The digital traces and the nature of the attack imply an unprecedented level of resources and technology, typically accessible only to the structures of unfriendly states.' It further suggests that the attack was orchestrated with the intention of directly impacting Russia's financial autonomy. Grinex, which has been under sanctions imposed by the U.S., U.K., and the European Union, was previously accused of facilitating the bypassing of restrictions through the use of a ruble-backed stablecoin called A7A5. This token enabled cross-border transactions at a time when Russia's access to the Swift inter-bank messaging system was suspended following its invasion of Ukraine. After being shut down, the platform re-emerged under the name Grinex. As a result of the current suspension, users are currently unable to access their funds, and the company has restricted access to its Moscow office while it conducts an investigation. Grinex has released a list detailing 54 wallet addresses that were affected by the breach, with the majority of the drained funds being in the form of USDT on the TRON blockchain.