Crypto Exchange Grinex Blames Western Intelligence for $15M Hack, Shuts Down Operations
A US-sanctioned cryptocurrency exchange based in Kyrgyzstan has announced it is halting all operations after suffering a $15 million hack, which it attributes to Western intelligence agencies. The attack targeted Russian users and was aimed at undermining Russia's financial sovereignty, according to the exchange.
Grinex, registered in Kyrgyzstan and under US sanctions, said the theft involved nearly 70 drained addresses—about 16 more than initially reported. Blockchain research firm TRM confirmed the breach, valuing stolen assets at $15 million. Neither TRM nor fellow analyst Elliptic have explained how the hackers bypassed security.
Background
Grinex has faced near-constant cyberattacks since its founding 16 months ago, the company stated. The latest incident, it claims, was carried out by hackers with resources and technology only available to structures from 'unfriendly states.'
The exchange has been controversial due to its sanctions designation and its focus on serving Russian clients. This attack marks one of the largest heists attributed to state-sponsored actors in the crypto space this year.
What This Means
Experts say the incident highlights the growing sophistication of state-backed cyberattacks targeting cryptocurrency platforms, especially those under sanctions. 'The coordination and resources required suggest a highly capable threat actor, likely with government backing,' said a cybersecurity analyst at TRM, speaking on condition of anonymity.
For Grinex users, the shutdown means frozen funds and uncertainty. For the broader crypto industry, it underscores the risks of operating in geopolitically charged environments. The attack also raises questions about how exchanges can protect themselves when targeted by nation-state adversaries.
Grinex has not provided a timeline for returning customer assets. In its statement, the company said it is cooperating with law enforcement but did not specify which agencies.
The digital footprints and nature of the attack indicate an unprecedented level of resources and technology available exclusively to the structures of unfriendly states,' Grinex said in a press release. 'According to preliminary data, the attack was coordinated with the aim of causing direct damage to Russia's financial sovereignty.'
Neither the US Treasury nor Russian authorities have commented on the allegations. Elliptic declined to provide additional details, citing ongoing investigations.
Related Articles
- How Apple Can Revolutionize AI at WWDC 2026: A Step-by-Step Strategy
- How to Close the AI Leadership Gap: A Step-by-Step Guide for CEOs and CIOs
- Your Guide to Trump's New Retirement Savings Plan for Workers Without 401(k)s
- Apple Card's Generous New Offer: Free AirPods Pro 3 for New Signups
- Navigating Crypto's Institutional Shift: A Guide to Market Moves, Regulatory Catalysts, and Key Players
- From Squirrel Videos to App Store Gold: A Step-by-Step Guide to Creating a Viral Camera App
- TrickMo Trojan Evolves: New Variant Leverages TON Blockchain for C2, SOCKS5 for Network Pivots
- Grafana Cloud k6 Launches Centralized Secrets Management to Eliminate Hardcoded Credentials in Performance Testing