In brief
- Russian exchange Grinex says it was hacked for more than 1 billion rubles or greater than $13 million.
- The exchange alleged the attack was an attempt to "destabilize" Russia's financial sector and was conducted by "foreign special services."
- Grinex previously been linked to Garantex, an exchange that was seized and removed by the U.S. Secret Service for alleged ties to sanctioned Russian entities.
Russian crypto exchange Grinex said Thursday that it was hacked for more than 1 billion rubles, or around $13 million in funds.
The firm, which has been linked to the sanctioned and seized exchange Garantex, alleged the exploit was conducted by “Western special services,” according to an official statement made to its Telegram channel that was translated by Google.
“The leading cryptoruble exchange Grinex, which provides settlements between Russian businesses and citizens in digital assets, was subjected to a large-scale cyberattack with signs of the involvement of foreign special services,” the firm posted.
“Digital traces and character attacks testify to an unprecedented level of resources and technologies available exclusively to structures of unfriendly states,” it added, noting that the attack was designed to cause harm to Russia’s financial sovereignty.
All exchange activity has been paused, and the relevant information has been passed to law enforcement as it seeks to open a criminal case, Grinex said.
Grinex, which uses the “same fingerprint” as Garantex—the Russian exchange that was seized and taken offline by the U.S. Secret Service due to alleged ties to sanctioned Russian banks and criminal groups— is the main vehicle for the trading of ruble-backed stablecoin A7A5, according to blockchain firm Elliptic.
The token, which was “created as part of a Russian sanctions evasion enterprise,” according to Elliptic, has transferred values of more than $100 billion.
"Since the very beginning of the work, the infrastructure of exchanges has been under attack," Grinex said in the exchange’s official statement. “We fixed systemic attempts to limit the withdrawal of cryptocurrencies outside the [Commonwealth of Independent States]: The exchange was entered into sanctions lists, crypto wallets were purposefully marked, transactions were blocked.”
“Today, attempts to destabilize the domestic financial sector reached a new level—direct theft of assets of Russian citizens and companies using complex cyberattacks,” it added.
At this time, the perpetrator of the hack remains unclear, but on-chain analysis from Elliptic points to around $15 million worth of USDT leaving the exchange. The funds were then transferred and converted to ETH or TRX on the Ethereum or Tron blockchains, respectively.
The U.S. Secret Service, which performed the seizure of Garantex last March, told Decrypt when reached that it could not comment on ongoing investigations.