Grinex Exchange Suspends Activities Following $13 Million Cyber Attack Allegedly Backed by a Nation-State

A prominent cryptocurrency exchange, Grinex, which was popular among Russians seeking to circumvent sanctions, has halted its operations after falling victim to a massive cyber attack that resulted in the theft of approximately 1 billion rubles, equivalent to $13 million. The breach was disclosed by the exchange through its Telegram channel and an official statement on its website, attributing the sophisticated attack to state-sponsored actors from hostile nations. The statement from Grinex noted, 'The digital traces and the nature of the attack suggest an unprecedented level of resources and technology, typically available only to the structures of unfriendly states.' It further indicated that the attack was likely coordinated to directly impact Russia's financial independence. Grinex, originally known as Garantex, was sanctioned by the US, UK, and EU last year for its role in helping users bypass restrictions, notably through a ruble-backed stablecoin called A7A5. This stablecoin enabled cross-border payments after Russia's access to the Swift interbank messaging system was severed following its invasion of Ukraine. After being shut down, the platform reemerged as Grinex. The temporary cessation of trading activities has left users without access to their funds as the company conducts an investigation. Additionally, access to its Moscow office has been restricted. In response to the breach, Grinex has released a list of 54 affected wallet addresses along with the amounts stolen, with the majority of the theft occurring in USDT on the TRON blockchain.