Grinex, a cryptocurrency exchange popular with sanctions-avoiding Russians, suspended operations after saying a cyberattack drained about 1 billion rubles ($13 million) from its systems.
The platform, based in Kyrgyzstan, revealed the breach on its Telegram channel and in a statement on its website. He said the attack showed a level of coordination and technical skill that targeted state-backed actors from “hostile states.”
“The fingerprints and nature of the attack indicate an unprecedented level of resources and technology available exclusively to hostile state structures,” Grinex’s statement reads. “According to preliminary data, the attack was coordinated with the aim of inflicting direct damage on Russia’s financial sovereignty.”
Grinex itself was subject to sanctions by the United States, the United Kingdom and the European Union last year. Officials in Washington DC have said the exchange, originally known as Garantex, helped users move funds around restrictions through a ruble-backed stablecoin known as A7A5.
The token enabled cross-border payments when Russia’s access to the Swift interbank messaging system was cut off due to the country’s invasion of Ukraine. Shortly after being taken down, the platform resurfaced as Grinex.
The pause in operations leaves users unable to access funds while the company investigates. Access to his office in Moscow was also restricted.
Grinex has published a list of 54 affected wallet addresses and the amounts drained, most of which were in the form of USDT on the TRON blockchain.
