Grinex, a cryptocurrency exchange sanctioned by the U.K. and U.S., has announced the suspension of its operations after suffering a $13.74 million hack. This significant breach is believed to have been orchestrated with the involvement of foreign intelligence agencies, leading to the theft of over 1 billion rubles in user funds.
Incident Overview
Grinex, which has ties to the rebranded Garantex exchange, reported the cyber attack on April 15, 2026. The exchange claimed that the nature of the attack suggests it utilised resources and technological capabilities typically found within hostile state agencies. The company emphasised that this incident marked an escalation in threats aimed at undermining the financial stability of Russia.
Background on Garantex
Garantex was previously sanctioned by the U.S. Treasury in April 2022 for facilitating money laundering linked to ransomware activities. It was also sanctioned again in August 2025 due to its involvement in processing substantial amounts in illicit transactions. In response to these sanctions, Garantex allegedly transitioned its operations to Grinex while using a ruble-backed stablecoin to maintain transactional capabilities.
Details of the Cyber Attack
The hack has been described as a large-scale operation, with blockchain intelligence firms highlighting that the stolen funds were transferred to various accounts on the TRON or Ethereum blockchains. Notably, the funds were converted into non-freezable assets, a tactic employed to thwart asset freezing efforts by regulatory bodies.
Potential Implications
Experts indicate that the breach may have broader implications for the infrastructure that facilitates sanctions evasion related to Russian financial networks. The intricate connection between Grinex, Garantex, and other exchanges highlights the ongoing challenges in regulatory compliance within the cryptocurrency sphere, especially in areas involving illicit financial flows.
Conclusion
The closure of Grinex following the $13.74 million hack underscores the vulnerabilities within cryptocurrency exchanges, particularly those already under sanctions. The incident raises critical questions about the safety of user funds and the potential for state-sponsored cyber threats in the ever-evolving digital finance landscape.
To stay informed about such developments, follow our updates on the ongoing investigations into cryptocurrency security and regulatory compliance.
Quelle: Hacker-News
