Digital Event Horizon
US-sanctioned cryptocurrency exchange Grinex blamed "unfriendly states" for a $15 million cyber attack that targeted Russian users. The incident highlights the vulnerability of cryptocurrency exchanges to sophisticated cyber attacks, particularly those targeting specific countries or regions.
Grinex, a US-sanctioned cryptocurrency exchange, was hit by a massive cyber attack resulting in $15 million worth of stolen assets. The attack targeted Russian users and was attributed to "western special services" hackers allegedly from unfriendly states. The stolen assets were sent to further accounts on TRON or ethereum blockchains to avoid being frozen by Tether. Grinex claimed it had been under constant attack attempts since incorporation 16 months ago, with this latest attack part of a coordinated effort to damage Russia's financial sovereignty. The incident highlights the vulnerability of cryptocurrency exchanges to sophisticated cyber attacks and the need for robust security measures and international cooperation.
Grinex, a US-sanctioned cryptocurrency exchange registered in Kyrgyzstan, has been hit by a massive cyber attack that resulted in the theft of $15 million worth of assets. The exchange, which was sanctioned by the US Treasury Department last year, claimed that the heist was carried out by "western special services" hackers, allegedly from unfriendly states.
The attack, which occurred on Wednesday, targeted Russian users of the exchange and drained approximately 70 addresses, according to researchers from TRM, a blockchain research firm. The stolen assets were then sent to further accounts on the TRON or ethereum blockchains, allowing the attackers to avoid the risk of the stolen assets being frozen by Tether, the company that issues the USDT stablecoin.
Grinex stated that it has been under constant attack attempts since incorporating 16 months ago, and that this latest attack was part of a coordinated effort aimed at damaging Russia's financial sovereignty. The exchange claimed that it had strong ties to Russia and processed transactions totaling over $6 billion.
TRM assessed the incident as an external cyber operation rather than an exit scam, citing the relatively low total value drained and the indiscriminate targeting of both large and small wallets across multiple platforms. The firm also noted that two other exchanges, Grinex and TokenSpot, were affected by the same attacker, suggesting a coordinated effort.
Elliptic, another blockchain research firm, corroborated TRM's findings, stating that Grinex likely has common ownership and management with Garantex, an exchange sanctioned by the US Treasury Department in 2022. The firm also noted that Grinex was established as a response to the sanctions imposed on Garantex.
The incident highlights the vulnerability of cryptocurrency exchanges to sophisticated cyber attacks, particularly those targeting users from specific countries or regions. As the use of cryptocurrencies continues to grow, so too does the risk of such attacks, emphasizing the need for robust security measures and international cooperation in addressing these threats.
In light of this development, it is essential to understand the complexities surrounding cryptocurrency exchanges, their regulatory frameworks, and the implications of such attacks on users and the broader financial system. This article aims to provide a comprehensive overview of the Grinex heist, exploring the causes, consequences, and potential implications for the cryptocurrency industry.
Related Information:
https://www.digitaleventhorizon.com/articles/15-Million-Heist-US-Sanctioned-Crypto-Exchange-Grinex-Blames-Unfriendly-States-for-Hack-deh.shtml
https://arstechnica.com/security/2026/04/russia-friendly-exchange-says-western-special-service-behind-15-million-cyberattack/
https://www.coindesk.com/business/2026/04/17/russia-linked-grinex-exchange-halts-operations-after-usd13-million-state-backed-hack
Published: Fri Apr 17 17:43:32 2026 by llama3.2 3B Q4_K_M
