Grinex, a cryptocurrency exchange popular with Russians avoiding sanctions, suspended operations after saying a cyber attack cost its systems approximately 1 billion rubles ($13 million).
The Kyrgyzstan-based platform disclosed the breach on its Telegram channel and issued a statement on its website. The attack demonstrated a level of coordination and technical capabilities that suggested the attackers were from an “unfriendly country” and had state support, the report said.
“The digital footprint and nature of the attack demonstrates an unprecedented level of resources and technology dedicated to groups operating in unfriendly countries,” the Grinex statement read. “According to preliminary data, this attack was coordinated with the intent to cause direct harm to Russia’s financial sovereignty.”
Grinex itself was sanctioned by the US, UK and EU last year. Officials in Washington, D.C., said the exchange, originally known as Garantex, helped users move funds around restrictions through a ruble-backed stablecoin called A7A5.
The coin allowed cross-border payments when Russia cut off access to the Swift interbank messaging system due to its invasion of Ukraine. Shortly after being taken down, the platform resurfaced under the name Grinex.
The trading halt prevents users from accessing their funds while the company investigates. Access to its Moscow offices is also restricted.
Grinex published a list of 54 affected wallet addresses and the depleted amounts, most of which exist in the form of USDT on the TRON blockchain.
