A US-sanctioned cryptocurrency exchange, Grinex, has been hit by a $15 million cyberattack allegedly carried out by ‘western special services’. The exchange said it was forced to suspend operations after being targeted for almost two years. Researchers from TRM confirmed the theft and noted that another Kyrgyzstan-based exchange, TokenSpot, was also compromised. Both exchanges are linked through shared consolidation addresses.

The attack is seen as a direct hit on Russia’s financial sovereignty, with Grinex blaming ‘structures of unfriendly states’. The US Treasury Department has sanctioned Grinex for its alleged ties to ransomware actors and other cybercriminals since 2019. This latest incident marks the ongoing tech skirmishes in an increasingly digital battlefield.

Grinex’s statement highlighted the unprecedented resources used, suggesting state-sponsored hackers were behind the attack. The exchange has handed over all information to law enforcement and is working towards initiating a criminal case against the attackers.

The coordinated nature of the attacks on Grinex and TokenSpot raises questions about the extent of collaboration between cybercriminals and nation-states in cyberspace. With both exchanges becoming inoperable simultaneously, it appears they were hit by the same attacker or worked together to execute this complex operation.