Sanctioned Crypto Exchange Grinex Pauses Operations After $14 Million Hack | Crypto Security News
Crypto security news: Sanctioned Crypto Exchange Grinex Pauses Operations After $14 Million Hack. This update explains what happened, why it matters for wallets, exchanges, traders, and users, and what the market should watch next.
Crypto Security Update
Sanctioned crypto exchange Grinex said it has suspended trading after losing more than 1 billion Russian rubles ($13.7 million) to an attack bearing signs of involvement by foreign intelligence agencies.The exchange, which is registered in Kyrgyzstan but has been linked to Russia’s crypto ecosystem and alleged sanctions evasion, said on Thursday that the funds were taken from 54 addresses and that the digital footprint and nature of the attack indicate an “unprecedented level of resources and technology available only to entities of hostile states.”“Due to the attack, the Grinex exchange has been forced to suspend operations. All available information has been transferred to law enforcement agencies. A criminal complaint has been filed at the location of the infrastructure,” it added.Grinex had been widely seen as the successor to the similarly sanctioned Garantex exchange. Both have been accused by US authorities of assisting Russia and other entities in evading sanctions and laundering funds for Russia-linked hackers.Elliptic founder Tom Robinson has accused it of being the primary platform for trading A7A5, a ruble-backed stablecoin linked to sanctions evasion.A Grinex spokesperson told Cointelegraph last year that it strongly condemns any form of illegal activity, including sanctions evasion and money laundering.Another exchange might have been hit by the same attackerGrinex may not have been the only exchange targeted. Blockchain intelligence company TRM Labs said on Thursday that two wallets from TokenSpot, a Kyrgyzstan-based exchange with on-chain links to Grinex, sent around $5,000 to the same consolidation address used by the Grinex attacker.TokenSpot’s Telegram channel announced technical work and a brief platform outage on April 15, followed the next day by an announcement that it had resumed full operations.Source: TRM LabsAt the same time, TRM Labs said it has identified 16 additional addresses linked to the incident in addition to those Grinex publicly disclosed. The consolidation address where all the funds have been sent contains 45.9 million TRON (TRX), worth nearly $15 million.Hacker might have stolen $15 million in USDTBlockchain analytics firm Elliptic said it tracked about $15 million in USDt (USDT) leaving Grinex accounts. The funds were then sent to accounts on the Tron or Ethereum blockchains.Related: Ukraine arrests FBI-wanted cybercrime suspect, seizes $11M in assets“This USDT was then converted to another asset, either TRX or ETH. By doing so, the thief avoided the risk of the stolen USDT being frozen by Tether,” the company said.This is not the first time an exchange accused of helping entities evade US sanctions has been targeted. Iran-based exchange Nobitex had $81 million drained in June 2025, with a pro-Israel hacker group claiming responsibility.Magazine: Singapore isn’t a ‘crypto hub’ — it’s something better: StraitsX CEOCointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy https://cointelegraph.com/editorial-policy
Why This Security News Matters
First, this development may affect exchange safety, wallet security, user trust, and broader market sentiment. In addition, it may influence platform security practices, fund recovery efforts, and regulatory pressure. As a result, traders and crypto users should watch the next updates closely.
What To Watch Next
Watch for official statements, post-mortem reports, wallet warnings, exchange responses, and fund recovery updates. In particular, any new details about phishing, exploits, private key exposure, or security patches could directly affect the broader crypto market.
