Kyrgyzstan-based crypto exchange Grinex suspended operations after a $13.7 million theft from wallets used by Russian users, an attack the exchange attributed to foreign (Western) intelligence agencies while blockchain analysts traced the stolen funds through TRON and Ethereum via the SunSwap protocol. Grinex, widely reported as a rebrand of sanctioned Russian exchange Garantex and operator of the ruble-backed stablecoin A7A5, says the attack aimed to harm Russia’s financial sovereignty, but independent firms Elliptic and TRM Labs have not published technical evidence linking the theft to a specific state actor. #Grinex #Garantex #A7A5 #SunSwap #TokenSpot
Keypoints
- Grinex suspended operations after a $13.7 million hack targeting wallets used for crypto-ruble exchanges.
- The stolen funds were moved to TRON and Ethereum addresses and converted via the SunSwap decentralized trading protocol.
- Grinex is believed to be a rebrand of the sanctioned Russian exchange Garantex and operated the A7A5 ruble-backed stablecoin.
- Grinex attributed the attack to foreign intelligence agencies but provided no technical indicators to support that claim.
- Elliptic and TRM Labs traced multiple attacker addresses, reported a separate TokenSpot breach, and noted links to laundering and influence operations.