OFAC Targets Russia’s Crypto Lifeline: Grinex and A7A5 in the Crosshairs
The U.S. Treasury has escalated its crackdown on Russia’s shadow crypto economy, sanctioning Kyrgyzstan-based Grinex, ruble-backed stablecoin A7A5, and their operators. What began with TRM’s early warnings about Kyrgyz exchanges has now been confirmed in detail by Elliptic and Chainalysis, who both traced the laundering rails from sanctioned exchange Garantex to its rebranded successor Grinex. At the heart of this network sits A7A5, a ruble stablecoin backed by sanctioned lender Promsvyazbank and fugitive oligarch Ilan Shor, which has processed over $51 billion in transactions this year alone. Elliptic’s analysis shows A7A5 liquidity directly seeded from Garantex, while Chainalysis highlights the token’s role as a Monday–Friday “business coin” for sanctioned Russian entities. Together, the findings confirm that A7A5 was purpose-built as a cross-border sanctions evasion tool, not a retail token. With its rapid growth and dedicated DEX liquidity pools bridging into mainstream stablecoins, A7A5 poses fresh compliance challenges - showing how Russia is operationalizing crypto infrastructure as parallel payment rails. For investigators, the Garantex-to-Grinex shift is the clearest example yet of sanctioned actors rebuilding under new flags, and a reminder that takedowns rarely end the story.
0xInfini Exploit Wallets Reactivate With $7.4M Swap Attempt
The 0xInfini exploit is back in the spotlight. In February 2025, attackers drained ~$49 million from the protocol after abusing an overlooked admin role to whitelist their own address and redeem all vault tokens. The stolen funds were quickly swapped from USDC to DAI and then converted into 17,696 ETH, which remains mostly untouched in two wallets holding over $52 million combined.
This week, Blockscope flagged new activity when the exploiter nearly swapped $7.4 million worth of ETH into DAI, showing the wallets are still active and laundering attempts are ongoing. The exploit remains a textbook case of how admin privileges can be a single point of failure — once compromised, they can bypass otherwise sound smart contract logic.
Stablecoins at the Center of $5.5M Cartel Laundering Case
The U.S. DEA and federal prosecutors have seized $5.5 million in USDT tied to a cartel-linked money laundering network, with support from TRM Labs. The scheme blended bulk cash pickups, rapid crypto conversions, and cross-chain hops through TRON and Ethereum, funneling more than $15 million before consolidation in seized wallets. Investigators combined undercover ops and shell company probes with blockchain tracing, exposing how cartels now rely on stablecoins as laundering pipelines. The case underscores both the risks of stablecoin misuse and the power of analytics to dismantle sophisticated networks.
More weekly top stories:
Binance Joins T3 Collab
Crypto fraud isn’t slowing down
Eight areas where crypto may already be in your banking ecosystem
An unnamed source recently compromised a DPRK IT worker device
More stories from this week:
See you next week!
