Kyrgyzstan Exchange Grinex Halts Operations After Alleged $15 Million Cyber Heist

Grinex, a cryptocurrency exchange registered in Kyrgyzstan and under US sanctions, announced it is ceasing operations following a reported $13 million cyber heist. Researchers have confirmed the theft, estimating the value of stolen assets at $15 million. Grinex alleges that "western special services" hackers orchestrated the attack, claiming it was coordinated to damage Russia's financial sovereignty.

The exchange stated that the digital footprints and nature of the attack suggest a high level of resources and technology exclusively available to "unfriendly states." Grinex has suspended all operations and submitted all gathered information to law enforcement agencies.

Blockchain research firm TRM also reported that TokenSpot, another Kyrgyzstan-based exchange, was compromised. Funds were sent from TokenSpot addresses to the same consolidation address used by Grinex-linked wallets. Both exchanges became inoperable concurrently, suggesting a single attacker.

TRM identified TokenSpot as a front for Grinex. The US Treasury Department sanctioned Grinex last year, noting it was a rebrand of Garantex, an exchange sanctioned in 2022 for processing over $100 million in transactions linked to illicit activities since 2019.