Russian Crypto Exchange Grinex Suffers $13 Million Hack
Highlights:
- Russian crypto exchange Grinex suffered a serious crypto exploit on April 16.
- The exchange has confirmed the incident, stating that it lost over 1 billion rubles.
- On-chain investigations revealed that the attack affected about 70 wallets and another exchange linked to Grinex.
Grinex, a Russian crypto exchange, suffered a major security compromise, resulting in losses worth roughly $15 million (over 1 billion rubles) in users’ funds. Grinex confirmed that the incident occurred in the late hours of April 16, 2026. The exchange added that the attack forced it to shut down services. The trading platform has also partnered with law enforcement agencies to track and recover the stolen assets.
Grinex, one of Russia's largest cryptocurrency exchanges, was attacked, resulting in a loss of approximately 13 million USDT
Grinex reported a cyberattack that resulted in losses of about 1 billion rubles (approximately $13 million) and led to a suspension of trading services.…
— Wu Blockchain (@WuBlockchain) April 17, 2026
Blockchain Account of the Russian Crypto Exchange Hack Incident
TRM Labs, an on-chain investigation platform, shared more details about the hack incident. The investigation platform reported that a significant portion of the stolen funds was held in USDT on the Tron (TRX) network.
TRM Labs also noted that the attacker quickly converted the stolen assets into TRX and moved them into a single wallet address. So far, the hacker has moved 45.9 million TRX, valued at approximately $15 million, to the said wallet.
TRM Labs also pointed out that roughly 70 wallets were connected to the incident. This figure is more than the 54 wallets initially reported in Grinex’s statement. Additionally, the blockchain analysis firm is investigating four Ethereum (ETH) wallets used in moving the stolen assets, though it is not yet clear where funds from these accounts ended up. Investigations also disclosed that another platform, TokenSpot, was involved in the hack. For context, TokenSpot is based in Kyrgyzstan and has links to Grinex via blockchain activities.
Unlike Grinex, TokenSpot suffered a much lesser loss, estimated to be around $5,000. These funds were also sent to the same wallet used by the Grinex exploiter. TokenSpot has since resumed operations, having described the incident as a purely technical issue.
Meanwhile, based on the attack pattern, TRM Labs believes it was likely an outside attack rather than a planned shutdown by the exchange. The hacker targeted both large and small wallets across more than one platform, suggesting a broader attack rather than a targeted internal move.
TRM Labs stated:
“TRM assesses that this incident was more likely an external cyber operation rather than an exit scam. However, as the situation is still evolving, it is not possible to rule out coordinated insider involvement at this time.”
Sanctioned Russian exchange Grinex lost USD 15 million in a cyberattack on April 16.
TRM traced around 70 attacker-linked addresses — 16 more than Grinex publicly disclosed — with all known stolen funds consolidated at a single TRON address (~45.9 million TRX).
On-chain… pic.twitter.com/ky4sZFLCcj
— TRM Labs (@trmlabs) April 16, 2026
Hack Incidents in April Continue to Rise
Despite hitting a very low level in the amount of stolen cryptocurrencies in March, this month has experienced a significant surge in hack incidents, exceeding the $52 million loss reported last month.
So far, the biggest hack incident this month is the $285 million compromise on the popular Decentralized Exchange (DEX) Drift Protocol. Others include the exploit on the Bitcoin ATM operator, Bitcoin Depot. The ATM operator lost $3.665 million after an attacker breached internal systems and moved 50.9 BTC from wallets.
Decentralized GPU cloud computing network Aethir was also the target of a security exploit this month. However, the platform’s security team responded swiftly, limiting the losses to below $90,000. A cross-chain bridge connected to Polkadot also suffered a security breach on April 13. The attacker minted 1 billion fake DOT tokens and quickly sold them on Ethereum.
eToro Platform
Best Crypto Exchange
- Over 90 top cryptos to trade
- Regulated by top-tier entities
- User-friendly trading app
- 30+ million users
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong.
Chinedu Agbakwusi
Chinedu Agbakwusi is a news writer and editor for Crypto2Community. He is a crypto enthusiast with vast experience across several crypto-related projects and platforms. Chinedu has been following the development of the crypto market for several years, and he is optimistic about its potential to democratise the global financial system. He hopes to be a reliable plug for reporting trends and breaking down complex concepts to his readers. Agbakwusi's previously written for several crypto news including Times Tabloid, UPay, while also contributing over the years to many others leading media publications.
View full profile ›ℹ️About Crypto2Community's Editorial Process
Crypto2Community's editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict editorial policy and sourcing standards, and each page undergoes diligent review by our team of top crypto industry experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
