Grinex Exchange Suspends Activities Following Alleged State-Sponsored Cyber Attack

A prominent cryptocurrency exchange, Grinex, has halted its operations after reporting a significant cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The exchange revealed the breach via its Telegram channel and website, suggesting that the attack's sophistication and coordination imply the involvement of state-backed entities from 'unfriendly nations.' The statement from Grinex notes, 'The digital footprint and nature of the attack indicate an unprecedented level of resources and technology, typically available only to the structures of unfriendly states.' According to preliminary data, the attack aimed to directly impact Russia's financial sovereignty. Grinex, originally known as Garantex and based in Kyrgyzstan, was sanctioned by the US, UK, and EU last year for allegedly helping users circumvent restrictions through a ruble-backed stablecoin called A7A5. This token enabled cross-border transactions after Russia's access to the Swift inter-bank messaging system was severed due to its invasion of Ukraine. Following the sanctions, the platform re-emerged as Grinex. The temporary suspension of trading activities has left users without access to their funds while the company conducts an investigation. Additionally, access to its Moscow office has been restricted. Grinex has released a list of 54 affected wallet addresses and the corresponding drained amounts, with most of the stolen funds being in the form of USDT on the TRON blockchain.