The sanctioned crypto-ruble exchange Grinex has suspended all operations following a high-level cyberattack that resulted in the theft of over $13.74 million worth of tether stablecoins.
Key Takeaways:
- Grinex halts operations after a state-level hack drains over 1 billion rubles in USDT from user wallets.
- The 2025 takeover of Garantex solidified Grinex as a primary target for ongoing U.S. sanctions.
- Law enforcement is reviewing logs from 54 wallets as Grinex seeks to recover 13.74 million USDT in stolen TRX.
Allegations of State-Sponsored Interference
Grinex, a crypto-ruble exchange serving Russian businesses and individual investors, has suspended operations after a sophisticated cyberattack. The breach resulted in the theft of digital assets valued at approximately $13.74 million (more than 1 billion rubles) in the stablecoin USDT.
The exchange, which remains under U.S. sanctions, claims the “unprecedented” hack suggests the involvement of foreign intelligence agencies from “hostile states.”
According to preliminary forensic data provided by the exchange, the attackers’ digital footprint indicates a level of coordination typically reserved for state-level actors. A spokesperson for the exchange said the attack was a deliberate attempt to destabilize the domestic financial sector and harm Russia’s financial sovereignty.
“From the very beginning, the exchange’s infrastructure has been subject to attacks,” the spokesperson said. “The exchange was placed on sanctions lists, crypto wallets were targeted, and transactions were blocked. Today, attempts to destabilize the domestic financial sector have reached a new level — the direct theft of assets.”
Grinex remains a target of U.S. and international sanctions intended to isolate the exchange from the global financial system. The company gained prominence in 2025 after absorbing the client base and infrastructure of Garantex, another exchange shuttered by Western regulatory pressure.
According to Grinex, it was involved in the recovery and return of 2.5 billion rubles worth of digital assets previously frozen by Tether, the issuer of the USDT stablecoin. The exchange said the stolen funds were drained from dozens of individual wallets, converted into the cryptocurrency TRX, and consolidated into a single destination address.
The exchange has filed a formal criminal complaint and handed over technical logs and digital evidence to law enforcement. There is no projected date for the resumption of services or a formal plan for user reimbursement. While the exchange remains offline, it maintains that these “hostile actions” are part of a broader geopolitical effort to restrict digital asset transfers within the Commonwealth of Independent States.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Trump Says Iran-Related Progress Looking Very Positive; Nuclear Weapons Prevention Is Top Priority
U.S. President Donald Trump reported "very positive" developments concerning Iran, focusing on preventing the country from obtaining nuclear weapons, following recent favorable news.
GateNews2h ago
Economist Proposes National USD Stablecoin to Eliminate Currency Controls in Venezuela
Alejandro Grisanti, head of Ecoanalitica, proposed issuing a national USD stablecoin as part of a series of measures to lift currency controls in Venezuela. This system would complement the current auction system, allowing the excluded sector to receive dollars via blockchain rails.
Key
Coinpedia4h ago
U.S. Treasury Issues General License 135 Authorizing Russian Crude Oil Transactions Through May 17
The U.S. Treasury's OFAC issued General License 135, permitting specific Russian energy transactions impacted by sanctions, allowing necessary deliveries and repairs for cargo loaded before April 17, with a deadline for completion by May 17.
GateNews5h ago
Iran and U.S. Drafting Memorandum of Understanding for Permanent Peace Framework
An Iranian official announced that Iran and the U.S. are drafting a memorandum of understanding for a permanent peace agreement, with negotiations set in Pakistan and a 60-day follow-up timeframe.
GateNews6h ago
Iran's Parliament Speaker Says Trump's 7 Statements Are 'Entirely False'
Iran's Parliament Speaker, Mohammad Baqer Qalibaf, claimed that all statements made by U.S. President Donald Trump within an hour are "entirely false," without detailing which statements he meant.
GateNews6h ago
Trump Says Naval Blockade on Iran Will Continue Until Deal Is Completed
President Trump announced on social media that the naval blockade on Iran will persist until a complete deal is finalized, emphasizing that negotiations are nearly done and should be concluded swiftly.
GateNews15h ago
