A newly launched cryptocurrency exchange named Grinex may be a rebrand of the sanctioned Russian platform Garantex shut down by US authorities in March.
According to a new report from TRM Labs, Grinex shows “strong ties” to Garantex, a crypto exchange that was officially registered in Estonia but operated largely out of Russia. Garantex was sanctioned by the US
Treasury’s Office of Foreign Assets Control (OFAC) in April 2022 for facilitating billions in illicit transactions tied to ransomware gangs and darknet markets, including Conti, Hydra, and Solaris.
After Garantex’s domains were seized, Grinex was immediately promoted in Telegram channels associated with the Satoshkin group, calling it “a new platform with familiar functionality.”
Grinex not only copied Garantex’s interface but reportedly entered into agreements to onboard its former clients and staff. Most notably, the platform began redistributing frozen Garantex assets using a new ruble-pegged stablecoin named A7A5, which was announced just two weeks before Garantex was taken down.
While TRM Labs has not confirmed if Grinex is currently engaged in illicit activity, the firm identified two Kyrgyzstan-based companies involved in significant A7A5 transactions.
Authorities have already arrested one Garantex administrator, Aleksej Besciokov, who was detained while vacationing in India. Another administrator, Aleksandr Mira Serda, remains charged but at large.
“Whether it’s darknet markets or non-compliant virtual asset service providers (VASPS) like Garantex, when one is taken down others will rise to take its place — whether via a potential rebrand like Grinex or would-be successors like Rapira and ABCEX. Whatever happens in the wake of Garantex, the global compliance and enforcement community will need to stay one step ahead,” the report concludes.
