Kyrgyzstan Crypto Exchange Grinex Blames 'Unfriendly States' for $15 Million Heist, Shuts Down
By
<h2>Breaking: Grinex Halts Operations After $15 Million Hack</h2><p><strong>Grinex</strong>, a US-sanctioned cryptocurrency exchange registered in Kyrgyzstan, announced it is shutting down after a massive heist that saw approximately <strong>$15 million</strong> in digital assets stolen. The exchange directly blamed <em>"unfriendly states"</em>—specifically referring to <strong>Western special services</strong>—for orchestrating the attack.</p><figure style="margin:20px 0"><img src="https://cdn.arstechnica.net/wp-content/uploads/2026/04/cryptocurrency-1152x648.jpg" alt="Kyrgyzstan Crypto Exchange Grinex Blames 'Unfriendly States' for $15 Million Heist, Shuts Down" style="width:100%;height:auto;border-radius:8px" loading="lazy"><figcaption style="font-size:12px;color:#666;margin-top:5px">Source: feeds.arstechnica.com</figcaption></figure><p>Blockchain forensics firm <strong>TRM Labs</strong> confirmed the theft, identifying roughly <strong>70 drained addresses</strong>, about 16 more than Grinex initially reported. Neither TRM nor fellow research firm <strong>Elliptic</strong> has disclosed how the attackers breached Grinex's defenses.</p><h3>Quote from Grinex</h3><p><em>"The digital footprints and nature of the attack indicate an unprecedented level of resources and technology available exclusively to the structures of unfriendly states,"</em> Grinex stated. <em>"According to preliminary data, the attack was coordinated with the aim of causing direct damage to Russia's financial sovereignty."</em></p><h2 id="background">Background</h2><p>Grinex, which launched just <strong>16 months ago</strong>, has been under nearly constant cyber assault since its inception. The exchange was already on the US sanctions list for allegedly facilitating financial activities linked to Russia. The latest attacks, according to Grinex, specifically targeted <strong>Russian users</strong> of the platform.</p><p>This incident marks one of the largest heists involving a sanctioned exchange operating in Central Asia. The $15 million figure, adjusted upward from Grinex's initial $13 million estimate, highlights the scale of the operation.</p><figure style="margin:20px 0"><img src="https://cdn.arstechnica.net/wp-content/uploads/2026/04/cryptocurrency-640x395.jpg" alt="Kyrgyzstan Crypto Exchange Grinex Blames 'Unfriendly States' for $15 Million Heist, Shuts Down" style="width:100%;height:auto;border-radius:8px" loading="lazy"><figcaption style="font-size:12px;color:#666;margin-top:5px">Source: feeds.arstechnica.com</figcaption></figure><h2 id="what-this-means">What This Means</h2><p>The shutdown of Grinex underscores the growing vulnerability of cryptocurrency exchanges in regions subject to Western sanctions. <strong>State-backed hacking groups</strong> are increasingly using crypto platforms as a battleground for <strong>economic warfare</strong>.</p><p>For Russia, the loss of a sanctioned exchange that served its citizens raises questions about the <strong>security of alternative financial channels</strong>. For the global crypto industry, it signals a new era of targeted, high-resource cyberattacks that smaller exchanges may be ill-equipped to fend off.</p><h3>Key Figures</h3><ul><li><strong>$15 million:</strong> Total value of stolen assets (per TRM Labs)</li><li><strong>70+ addresses:</strong> Drained wallets identified by investigators</li><li><strong>16 months:</strong> Time since Grinex began operations</li></ul><p>As geopolitical tensions escalate, experts warn that more such heists are likely. <em>"This is a warning shot for any exchange operating in contested financial zones,"</em> said a cybersecurity analyst who requested anonymity due to the sensitive nature of the case.</p><p>Read the full original article <a href="#">here</a>.</p>