More

    Russia-linked Grinex exchange halts operations after $13 million ‘state-backed’ hack

    News

    Published on:

    The exchange, formerly known as Garantex and based in Kyrgyzstan, has been sanctioned by the U.S., U.K. and EU for helping users bypass sanctions.

    Hacker facing screens with lines of code (Boitumelo/Unsplash)
    (Boitumelo/Unsplash)

    What to know:

    • Grinex cryptocurrency exchange suspended operations after a cyber attack drained about 1 billion rubles ($13 million) from its systems, which the platform attributed to state-backed actors.
    • The exchange, formerly known as Garantex and based in Kyrgyzstan, has been sanctioned by the U.S., U.K., and EU for helping users bypass sanctions.
    • Users are unable to access their funds while the company investigates, with 54 affected wallet addresses containing mostly USDT on the Tron blockchain.
  • Grinex cryptocurrency exchange suspended operations after a cyber attack drained about 1 billion rubles ($13 million) from its systems, which the platform attributed to state-backed actors.
  • The exchange, formerly known as Garantex and based in Kyrgyzstan, has been sanctioned by the U.S., U.K., and EU for helping users bypass sanctions.
  • Users are unable to access their funds while the company investigates, with 54 affected wallet addresses containing mostly USDT on the Tron blockchain.

    • Grinex, a cryptocurrency exchange popular with sanctions-avoiding Russians, suspended operations after saying a cyber attack drained about 1 billion rubles ($13 million) from its systems.

    The platform, based in Kyrgyzstan, disclosed the breach on its Telegram channel and a statement on its website. It said the attack showed a level of coordination and technical skill that points to state-backed actors from “unfriendly states.”

    “The digital footprints and nature of the attack indicate an unprecedented level of resources and technology available exclusively to the structures of unfriendly states,” the Grinex statement reads. “According to preliminary data, the attack was coordinated with the goal of inflicting direct damage on Russia’s financial sovereignty.”

    Grinex itself was placed under sanctions by the U.S., U.K. and European Union last year. Officials in Washington D.C. have said the exchange, originally known as Garantex, helped users move funds around restrictions through a ruble-backed stablecoin known as A7A5.

    The token allowed cross-border payments when Russia’s access to the Swift inter-bank messaging system was cut off over the country’s invasion of Ukraine. Shortly after being taken down, the platform resurfaced as Grinex.

    The pause in trading leaves users unable to access funds while the company investigates. Access to its office in Moscow was also restricted.

    Grinex has published a list of 54 affected wallet addresses and the drained amounts, most of which were in the form of USDT on the TRON blockchain.

    Related

    © Decrypt News. All Rights Reserved