New crypto exchange Grinex suspected to be Garantex rebrand following US seizure

New crypto exchange Grinex suspected to be Garantex rebrand following US seizure

A newly launched cryptocurrency exchange named Grinex may be a rebrand of the sanctioned Russian platform Garantex shut down by US authorities in March.

According to a new report from TRM Labs, Grinex shows “strong ties” to Garantex, a crypto exchange that was officially registered in Estonia but operated largely out of Russia. Garantex was sanctioned by the US

Treasury’s Office of Foreign Assets Control (OFAC) in April 2022 for facilitating billions in illicit transactions tied to ransomware gangs and darknet markets, including Conti, Hydra, and Solaris.

After Garantex’s domains were seized, Grinex was immediately promoted in Telegram channels associated with the Satoshkin group, calling it “a new platform with familiar functionality.”

Grinex not only copied Garantex’s interface but reportedly entered into agreements to onboard its former clients and staff. Most notably, the platform began redistributing frozen Garantex assets using a new ruble-pegged stablecoin named A7A5, which was announced just two weeks before Garantex was taken down.

While TRM Labs has not confirmed if Grinex is currently engaged in illicit activity, the firm identified two Kyrgyzstan-based companies involved in significant A7A5 transactions.

Authorities have already arrested one Garantex administrator, Aleksej Besciokov, who was detained while vacationing in India. Another administrator, Aleksandr Mira Serda, remains charged but at large.

“Whether it’s darknet markets or non-compliant virtual asset service providers (VASPS) like Garantex, when one is taken down others will rise to take its place — whether via a potential rebrand like Grinex or would-be successors like Rapira and ABCEX. Whatever happens in the wake of Garantex, the global compliance and enforcement community will need to stay one step ahead,” the report concludes.

Back to the list

Latest Posts

Cyber Security Week in Review: May 16, 2025

Cyber Security Week in Review: May 16, 2025

In brief: Microsoft, Fortinet, Ivanti, and Google patch zero-days, crypto exchange Coinbase reveals a data breach, and more.
16 May 2025
Russia-linked espionage operation targeting webmail servers via XSS flaws

Russia-linked espionage operation targeting webmail servers via XSS flaws

The campaign exploits XSS vulnerabilities in widely used webmail servers to steal sensitive data from high-value targets.
15 May 2025
Kosovo man extradited to US for running BlackDB.cc criminal marketplace

Kosovo man extradited to US for running BlackDB.cc criminal marketplace

If convicted on all counts, Masurica faces up to 55 years in federal prison.
14 May 2025