Introduction: The Rise of Grinex
Less than two weeks after facing closure by international law enforcement, Garantex, a notorious Russian cryptocurrency exchange known for its connections to ransomware gangs and sanctions-evading oligarchs, has reportedly rebranded itself as Grinex. This rapid transformation raises questions about the resilience of illicit financial networks and the challenges posed by sanctions.
The Evidence of Rebranding
According to a detailed report from Swiss blockchain analytics firm Global Ledger, substantial on-chain and off-chain data suggests that Grinex is a direct successor to Garantex. Notably, liquidity previously held by Garantex, including its ruble-backed stablecoin A7A5, has already been relocated to wallets controlled by Grinex.
Global Ledger’s CEO, Lex Fisun, highlighted the swift ascendance of Grinex, noting that it surpassed $40 million in trading volume within just two weeks. Fisun also pointed out multiple social media connections between the two exchanges, reinforcing the notion of their close relationship.
Pending Verification from Analytics Firms
While Global Ledger’s findings are compelling, other major blockchain analytics companies, such as TRM Labs and Chainalysis, have yet to confirm this information. Andrew Fierman, Head of National Security Intelligence at Chainalysis, expressed that he has observed several indicators linking Grinex to Garantex but emphasized the need for further investigation before making definitive conclusions.
A telling detail emerged from a recent Telegram comment by Sergey Mendeleev, one of Garantex’s founders, who announced the inception of Grinex, claiming that any resemblances between the two exchanges were coincidental, accompanied by laughter emojis. Both Fierman and Fisun noted reports of former Garantex users visiting in-person offices in Europe and the Middle East to transfer their assets to Grinex, further indicating a seamless transition.
Historical Context: Rebranding in the Crypto World
If Grinex is indeed a rebranding of Garantex, this would not be the first instance of a sanctioned exchange reinventing itself post-closure. In 2017, the Russian exchange BTC-E was dismantled by U.S. authorities and subsequently rebranded as WEX, only to collapse a year later due to internal conflicts. Similarly, the sanctioned Russian exchange Suex rebranded as Chatex but faced sanctions again shortly thereafter.
The Challenges of Enforcing Sanctions
The swift resurrection of Garantex underscores the complexities of enforcing sanctions, particularly against criminal enterprises like non-compliant exchanges and ransomware groups that can easily adapt to avoid detection.
Fierman noted, “Sanctions evasion is an inevitability. If you’re sanctioned, you’re not simply going to accept that you can no longer conduct financial transactions. Instead, you’re going to seek ways to avoid detection, whether through shell companies or new crypto wallets. The larger and more advanced the operation, the more sophisticated the methods will be.”
While this issue is not exclusive to cryptocurrencies, the transparent and immutable nature of blockchain technology provides law enforcement with unique opportunities to trace illicit financial flows post-sanction.
Potential Successors to Garantex
Regardless of whether Grinex is Garantex 2.0, a host of other non-compliant Russian exchanges stand ready to fill the gap left by Garantex. Ari Redbord, global head of policy and government affairs at TRM Labs, remarked that it’s “too early” to draw firm conclusions about the relationship between Grinex and Garantex but acknowledged that other high-risk exchanges are likely to seize the opportunity.
A recent report from TRM Labs identified several potential successors, including high-risk platforms like ABCEX and Keine-Exchange.
The Downfall of Garantex
Garantex was dismantled in a coordinated international law enforcement operation led by the U.S., Germany, and Finland, which resulted in the seizure of its domain and servers. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) had previously sanctioned the exchange in 2022, citing its facilitation of money laundering for ransomware groups such as Black Basta and Conti, as well as associations with darknet markets like Hydra.
Court documents revealed that Garantex also served clients connected to North Korea’s Lazarus Group, responsible for the recent $1.4 billion Bybit hack, and Russian oligarchs seeking to evade sanctions following Russia’s invasion of Ukraine.
Two of Garantex’s operators, Aleksej Besciokov, a Lithuanian national, and Aleksandr Mira Serda, a Russian citizen residing in the UAE, face charges of conspiracy to commit money laundering. Besciokov was arrested while on vacation in India and is expected to be extradited to the U.S. to face trial.
Conclusion: The Ongoing Battle Against Illicit Finance
The emergence of Grinex from the ashes of Garantex exemplifies the persistent challenges faced by regulators and law enforcement in combatting illicit finance within the cryptocurrency landscape. As the landscape continues to evolve, so too must the strategies to counteract the adaptive tactics of non-compliant exchanges and criminal enterprises.
