The recently hacked cryptocurrency exchange Grinex intends to compensate customers for stolen assets worth over a billion Russian rubles. The Kyrgyzstan-based coin trading platform is best known for helping Russia circumvent Western sanctions imposed over its invasion of Ukraine. Grinex promises compensation for those affected by massive hack The largest exchange in the Russian-speaking segment of the crypto market, Grinex, has decided to pay clients for assets lost in a hacking attack last month. The Kyrgyz-registered platform was breached in mid-April with the unknown perpetrators draining an estimated 1 billion rubles’ worth of cryptocurrency. The funds, currently worth over $13 million, remain in wallets controlled by the attackers, representatives of the exchange told the leading Russian crypto news outlet Bits.media on Friday. While the digital coins are not available for immediate return, they have been already marked as “stolen” by international anti-money laundering services, they emphasized. Russian police have opened an investigation into the case. The exchange shared all gathered information with law enforcement in Russia, where most of its clients reside. The hackers withdrew Tether (USDT) from 54 addresses, most of which on the Tron network, and transferred them to two wallets on the same blockchain, according to the AML analytics firm CoinKit. The assets, valued at $13 to $15 million at the time, were then converted to Tron tokens (TRX) through the decentralized platform SunSwap (Sun.io). They were eventually consolidated into a single address – TH9kgjfrKeTNeyXtDKvxCXZ1dVKr7neKVa – the report further detailed. Grinex offers customers to first withdraw A7A5 stablecoins The exchange halted all deposits and withdrawals on its Grinex.io website when it discovered the breach, initially posting on Telegram it’s “experiencing a technical break” late on April 15. In a statement published Thursday, it announced its intention “to work on compensating users” for the assets stolen in the attack, which it described as “prolonged, complex, and highly technical.” Affected clients will be able to first withdraw holdings in A7A5, the ruble-pegged stablecoin believed to have processed over $100 billion in transactions since its launch in early 2025. The crypto trading platform admitted the funds “have been consolidated in the attackers’ public wallet and are inaccessible for recovery” but emphasized: “Grinex management has made a strategic decision to compensate for the stolen assets and to raise funds for this. The team is working to restore the infrastructure and is developing mechanisms for future compensation. The first step will be the withdrawal of the ruble stablecoin A7A5.” “Finding ways to compensate clients remains our absolute priority,” a spokesperson stressed, adding the company is collaborating with leading experts in the fields of blockchain forensics and cybersecurity. The exchange also said it considers the hack an “unprecedented” example of a hybrid attack, combining infrastructure hacking and theft of funds. It further noted that the case represents a new stage in attempts to influence Russia’s emerging crypto industry. The country prepares to regulate its digital-asset market by the summer. Grinex set to continue to play its role in sanctions evasion In another Telegram post on April 16, Grinex alleged it had been hit by “Western intelligence agencies.” The claim was disputed by analysts at the compliance platform BitOK. Grinex was established in Kyrgyzstan last spring as the successor of the Russian exchange Garantex, which was busted in a U.S.-led operation in March 2025. It is the main trading platform for A7A5, the largest non-dollar stablecoin, believed to be widely used by Russian players to bypass international financial restrictions. Grinex, as well as a number of entities related to the ruble-denominated cryptocurrency, have been targeted in sanctions by the U.S., the EU, and the U.K. These include the Russian company A7, the coin’s alleged creator, and the Kyrgyzstan-incorporated Old Vector, its current issuer. Powerful oligarchs and state-owned Russian banks have been profiting from the schemes designed to evade sanctions imposed by the West, as recently reported by Cryptopolitan. The smartest crypto minds already read our newsletter. Want in? Join them .
