Swedish crypto exchange Trijo hacked for 7.8 MSEK

Swedish crypto exchange Trijo, subsidiary of listed GreenMerc, has been subjected to an “unauthorized withdrawal” of SEK 7.8 million. It was on Thursday morning that Greenmerc discovered that unauthorized persons had accessed parts of the company's internal systems.

August 1, 2025

27 Accounts Suspended

According to a press release from GreenMerc, 27 accounts have been exposed and the customers who have been affected by erroneous withdrawals will be compensated by GreenMerc. Trijo has a total of about 65,000 customers.

The suspected incident was discovered in the early hours of the morning. Intruders have had access to internal systems and have managed to carry out a few withdrawals from the crypto exchange Trijo's so-called hot wallet, where less than 1% of the exchange's assets are held.

Measures from GreenMerc

GreenMerc has after the incident:

  • Identified how the break-in could happen
  • Revealed exactly what information has been exposed and what economic damage has been caused
  • Implemented measures to secure the systems and prevent future break-ins

In parallel, the company is working to ensure that all affected customers are contacted directly and receive clear information about how they are affected. As there is reason to suspect that personal data of both Trijos and Northcrypto's customers may have been exposed, the company has commenced the process of reporting the incident to the relevant authorities. Customers who may have experienced that their personal data has been leaked will be contacted separately.

According to the press release, GreenMerc prioritizes safety and customer trust, and takes this incident extremely seriously.

More information

GreenMerc has also created a separate Q&A document with answers to several questions surrounding the event, which is available here: