Grinex Exchange Shuts Down Following $13 Million Cyber Heist Allegedly Backed by State Actors

A prominent cryptocurrency exchange, Grinex, has suspended its operations after falling victim to a major cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange, which was formerly known as Garantex and is based in Kyrgyzstan, made the announcement via its Telegram channel and website. According to Grinex, the sophisticated nature of the attack suggests the involvement of state-sponsored actors from 'hostile nations.' The exchange stated, 'Preliminary data indicates that the attack was orchestrated with the intention of directly undermining Russia's financial autonomy, showcasing an unprecedented level of resources and technological capabilities typically reserved for the structures of unfriendly states.' Grinex had been sanctioned by the US, UK, and EU last year for allegedly aiding users in circumventing restrictions through a ruble-backed stablecoin called A7A5. This token enabled cross-border transactions when Russia's access to the Swift inter-bank messaging system was severed following its invasion of Ukraine. After being shut down, the platform re-emerged as Grinex. The temporary halt in trading has left users unable to access their funds while the company conducts an investigation. Additionally, access to Grinex's Moscow office has been restricted. The exchange has published a list of 54 affected wallet addresses, along with the corresponding drained amounts, with most of the stolen funds being in the form of USDT on the TRON blockchain.