$15M Grinex Cyberattack Halts Operations Amid Allegations of Foreign Intelligence Involvement

$15M Grinex Cyberattack Halts Operations Amid Allegations of Foreign Intelligence Involvement

First seen 16 Apr 2026, 22:00 UTC Uk.Finance.YahooDecrypt.CoUnited24MediaTheblock.CoThecyberexpress+13 89% similarity 74.0

Article Content

Browse articles
ThreatCluster

Grinex, a Kyrgyzstan-based cryptocurrency exchange linked to Russia, suspended its operations following a cyberattack that resulted in the theft of over 1 billion rubles (approximately $13 million). The attack, which Grinex attributes to foreign intelligence services, involved a sophisticated breach of its wallet infrastructure. The stolen funds were rapidly moved across multiple blockchain networks, including Ethereum and Tron, to obscure their trail. Grinex has claimed that the attack aimed to undermine Russia's financial sovereignty, although no concrete evidence has been provided to support this assertion. The exchange has filed a police report and is currently assessing the damage. This incident highlights ongoing vulnerabilities within the cryptocurrency exchange ecosystem, particularly regarding hot wallet security. The attack follows a trend of increasing cyber threats targeting crypto exchanges in 2025 and 2026.

Key Points: • Grinex lost over $13 million in a cyberattack attributed to foreign intelligence. • The stolen funds were quickly moved across multiple blockchains to evade tracking. • Grinex has suspended all operations and filed a police report regarding the incident.

ThreatCluster AI

Timeline

2026-04-15
Grinex reports a cyberattack and theft of over 1 billion rubles.
2026-04-16
Grinex suspends operations and files a police report.
2026-04-17
Grinex issues statements alleging foreign intelligence involvement.

Community

Browse all →