Grinex exchange suspected rebrand of sanctioned Garantex crypto firm

According to a new report by blockchain intelligence firm TRM Labs, Grinex shows strong ties to Garantex's previous operations but has not determined if it's currently being used for illicit transactions. U.S. authorities seized Garantex's domains in early March 2025 for multiple violations, including the processing of $100 billion worth of illicit transactions and facilitating money laundering for ransomware gangs and darknet markets. A new cryptocurrency exchange named Grinex is believed to be a rebrand of Garantex, a Russian cryptocurrency exchange whose domains were seized by the U.S. authorities and an admin arrested. What is clear is that after the Garantex takedown, Grinex started distributing former Garantex user assets through the A7A5 token, with Telegram channels previously linked to Garantex promoting Grinex as a way for users to recover their frozen funds. Two weeks prior to Garantex's takedown, a new stablecoin called A7A5, pegged 1:1 to the Russian ruble, was announced on the platform, likely as a measure of the anticipated upcoming legal action. "Grinex announced it had entered into an agreement with Garantex to onboard its clients and was considering hiring former Garantex employees," explains TRM Labs. The user interface similarities between the two platforms were extensive, but more notably, Grinex was in a position to make arrangements to capture Garantex's staff and user base from its very launch. TRM Labs mentions two other platforms that emerged as a Garantex replacement, namely ABCEX, which is directly related to Garantex founder Sergey Mendeleev, and Rapira, which has welcomed several former Garantex users already. Ultimately, the rise of Grinex shows that blocking cybercrime and sanctions evasion mechanisms is a complicated process, as illicit networks can quickly adapt by rebranding, creating new stablecoins, and exploiting decentralized platforms to continue their operations unabated. Garantex was a Russian cryptocurrency exchange, officially registered in Estonia, that was sanctioned by the U.S. (OFAC) in April 2022, followed by similar actions by the UK and the EU. Two administrators of Garantex, Aleksej Besciokov and Aleksandr Mira Serda, were subsequently charged, with Besciokov arrested a few days later while vacationing in India.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 29 Apr 2025 20:25:07 +0000


Cyber News related to Grinex exchange suspected rebrand of sanctioned Garantex crypto firm

Grinex exchange suspected rebrand of sanctioned Garantex crypto firm - According to a new report by blockchain intelligence firm TRM Labs, Grinex shows strong ties to Garantex's previous operations but has not determined if it's currently being used for illicit transactions. U.S. authorities seized Garantex's domains in ...
1 month ago Bleepingcomputer.com
US charges Garantex admins with money laundering, sanctions violations - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found critical compliance issues with Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policies and ...
2 months ago Bleepingcomputer.com
Garantex crypto exchange admin arrested while on vacation - Besciokov (aka "proforg" and "iram") controlled Garantex with 40-year-old Russian national and United Arab Emirates resident Aleksandr Mira Serda (the crypto exchange's other co-founder) between 2019 and 2025. According to court ...
2 months ago Bleepingcomputer.com
US seizes domain of Garantex crypto exchange used by ransomware gangs - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found links between Garantex and wallets used for criminal activity and critical compliance issues with Anti-Money Laundering ...
2 months ago Bleepingcomputer.com
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation | The Record from Recorded Future News - Russian cryptocurrency exchange Garantex was taken down in an apparent seizure by U.S. and European law enforcement Thursday, shortly after the company said $28 million had been frozen by another cryptocurrency firm. U.S. officials said at the time ...
2 months ago Therecord.media
Alleged Co-Founder of Garantex Arrested in India – Krebs on Security - Besciokov is also charged with one count of conspiracy to violate the International Economic Emergency Powers Act—which also carries a maximum sentence of 20 years in person—and with conspiracy to operate an unlicensed money transmitting ...
2 months ago Krebsonsecurity.com Lazarus Group
Microsoft: Exchange 2016 and 2019 reach end of support in six months - This week's warning comes after Microsoft reminded IT admins in January that Exchange Server 2016 and Exchange Server 2019 will no longer receive technical support starting in October. The Exchange Server Engineering Team also shared guidance for ...
1 month ago Bleepingcomputer.com
The ticking time bomb of Microsoft Exchange Server 2013 - This is, of course, a common issue since 2021 or so, due to Exchange Server security woes- however there has been an abnormally high increase in the past few months, making me think there was some kind of Exchange Server zero day perhaps. In my own ...
1 year ago Doublepulsar.com
Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus - In its continued efforts to crack down on North Korea's most formidable state-sponsored threat group, the US government has seized a virtual currency mixer that has been serving as the principal way the group launders money stolen from its ...
1 year ago Darkreading.com Lazarus Group
The Week in Ransomware - January 20th, 2023 Crypto Exchanges Under Attack - The week of January 20th, 2023 brought yet another wave of ransomware attacks targeting crypto exchanges. Crypto exchanges all around the world have been hit by a barrage of sophisticated and well-planned ransomware campaigns. From high-profile ...
2 years ago Bleepingcomputer.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
7 months ago Aws.amazon.com
US seizes Sinbad crypto mixer used by North Korean Lazarus hackers - The U.S. Department of the Treasury has sanctioned the Sinbad cryptocurrency mixing service for its use as a money-laundering tool by the North Korean Lazarus hacking group. A cryptocurrency mixer is a server that allows people to deposit crypto, ...
1 year ago Bleepingcomputer.com Lazarus Group
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
1 year ago Bleepingcomputer.com
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug - Microsoft has identified one of the critical vulnerabilities in Exchange Server that the company disclosed in February's Patch Tuesday update as actually being a zero-day threat that attackers are already actively exploiting. CVE-2024-21410 is an ...
1 year ago Darkreading.com CVE-2024-21410 CVE-2024-2140 CVE-2024-21412 CVE-2024-21351 Fancy Bear
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
1 year ago Bleepingcomputer.com
Massive Data Breach at Gokumarket: Over a Million Users' Information Exposed - Several days before the leak, the GokuMarket team found an unprotected MongoDB instance, which was storing information about its users, namely those who bought and sold crypto on the exchange. In GokuMarket's case, it is the details of more than a ...
1 year ago Cysecurity.news
US sanctions Russian for cleaning Ryuk's and oligarchs' cash The Register - A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her alleged role in moving hundreds of millions of dollars on behalf of oligarchs and ransomware criminals. Among these was her alleged ...
1 year ago Theregister.com Wizard Spider
Ex-Amazon engineer pleads guilty to hacking crypto exchanges - Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an ...
1 year ago Bleepingcomputer.com
Microsoft Exchange 2019 has reached end of mainstream support - Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. Starting today, the company says it will no longer accept requests for bug fixes and Design Change Requests, but it ...
1 year ago Bleepingcomputer.com
Chainalysis observes decrease in cryptocurrency crime in 2023 - While the ransomware market is rising and cybercriminals continue to rack up bitcoin payments, illicit cryptocurrency activity is declining, according to new research from Chainalysis. Funds sent to illicit cryptocurrency addresses dropped from $39.6 ...
1 year ago Techtarget.com Rocke
North Korean Hackers Stole $600m in Crypto in 2023 - North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on ...
1 year ago Infosecurity-magazine.com
CyberCrime & Doing Time: Book Review: The Crypto Launderers: Crime and CryptoCurrencies - The facts are there, and when they talk about the same cases, they align nicely. Andy Greenberg's Tracers makes those cases stories about people, while Carlisle portrays facts without character development which I would not have realized was ...
1 year ago Garwarner.blogspot.com Lazarus Group
US Authorities Identify Iranian Connection in Recent Cybersecurity Breaches - It has been announced that six Iranian officials have been sanctioned by the U.S. Department of Treasury's Office of Foreign Assets Control, the Iranian government organization responsible for the series of malicious cyber activities directed against ...
1 year ago Cysecurity.news
Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained - This was the first time the Securities and Exchange Commission approved an exchange-traded fund that contained bitcoin, but the Commission stressed that its decision does not mean it endorses or approves Bitcoin, but that it remains deeply sceptical ...
1 year ago Cysecurity.news Rocke
Ads for the Illegal Drug Marketplace BlackSprut are Visible on Billboards in Moscow - Over the weekend, Moscow residents and the Russian media were surprised to see electronic billboards featuring a woman in a futuristic mask and the words 'Come to me if you're looking for the best'. The brand was BlackSprut, a Russia-linked darknet ...
2 years ago Therecord.media