Grinex, a cryptocurrency exchange popular with Russians avoiding sanctions, suspended operations after saying a cyberattack drained about 1 billion rubles ($13 million) from its systems.
The platform, based in Kyrgyzstan, disclosed the breach on its Telegram channel and a statement on its website. It said the attack showed a level of coordination and technical skill that points to state-sponsored actors from “unfriendly states.”
“The digital footprints and the nature of the attack indicate an unprecedented level of resources and technology available exclusively to the structures of unfriendly states,” the Grinex statement reads. “According to preliminary data, the attack was coordinated with the aim of inflicting direct damage on Russia’s financial sovereignty.”
Grinex itself was placed under sanctions by the US, UK and EU last year. Officials in Washington DC have said the exchange, originally known as Garantex, helped users move money around restrictions through a ruble-backed stablecoin known as A7A5.
The token allowed for cross-border payments when Russia’s access to the Swift interbank messaging system was cut off due to the country’s invasion of Ukraine. Shortly after being taken down, the platform resurfaced as Grinex.
The pause in trading means that users cannot access funds while the company investigates. Access to its office in Moscow was also restricted.
Grinex has published a list of 54 affected wallet addresses and the drained amounts, most of which were in the form of USDT on the TRON blockchain.
