Sanctioned cryptocurrency exchange Grinex has suspended all business operations following a sophisticated hack that resulted in the theft of approximately $13.1 million. The breach targeted 54 digital addresses and displayed a high degree of technical professionalism, as stolen funds were consolidated into a single wallet holding over $15 million in crypto assets. The exchange, which is linked to Russia and has been sanctioned for facilitating evasion transactions, stated that digital traces of the attack led to foreign intelligence agencies becoming involved.
Grinex has suspended operations after a cyberattack stole roughly 1 billion roubles, equivalent to $13.1 million, from 54 addresses. The exchange stated that the coordinated incident displayed a high level of technical sophistication.
The platform confirmed that criminal proceedings have been started following the breach. It claimed that digital traces of the hackers’ work led to foreign intelligence agencies involvement.
Grinex has previously faced sanctions from the United States, United Kingdom, and European Union. According to the U.S. government, the exchange enables transfers through its rouble-backed stablecoin A7A5.
The company has been linked to crypto infrastructure Russia established after being disconnected from the SWIFT banking system. It has become a substitute for the sanctioned crypto platform called Garantex.
Blockchain analytics firm TRM Labs reported potential overlap with another Kyrgyzstan-based exchange, TokenSpot. It identified that multiple wallets connected to TokenSpot interacted with addresses associated with the attacker.
Further analysis revealed stolen assets were consolidated into one digital wallet containing nearly $15 million. Hackers transferred funds from the Tron and Ethereum networks to avoid the freezing of digital assets.
