Indian exchange CoinDCX has suffered a cybersecurity attack, resulting in the loss of $44 million. This incident comes exactly one year after Indian exchange WazirX suffered a $235 million hack.
CoinDCX Server Breach: User Funds Secure
In an X post on July 19, CoinDCX CEO Sumit Gupta said that the crypto exchange suffered a server breach to one of its internal operational accounts. Gupta said that the affected wallet address is only used for liquidity supply on a partner exchange. Therefore, all assets in user wallets are safe and accounted for, with INR withdrawals fully functional.
Furthermore, the CoinDEX CEO states the hack has been contained by isolating the affected operational account. Meanwhile, the value of the total lost assets would be offset by the exchange’s reserve as they commence efforts to track down the parties behind this hack.
Gupta explains that these efforts involve various legs, ranging from an ongoing internal security review to the planned launch of a bug bounty program.
The CoinDCX CEO said:
Our internal security and operations teams have been working through the day along with leading cybersecurity partners to investigate the matter, patch any vulnerabilities and trace the movement of funds. We are collaborating with the exchange partner to block and recover assets, including coming out with a bug bounty program soon.
Meanwhile, on-chain investigator ZachXBT has criticized CoinDCX for revealing the hack incident 17 hours after its occurrence, despite claiming to operate in transparency. Meanwhile, the renowned investigator also shared some updates on the hackers’ action in a telegram message:
The attacker address was funded with 1 ETH from Tornado Cash and later bridged a portion of the stolen funds from Solana to Ethereum.
Sumit Gupta has described the security breach as a learning moment, as the crypto industry continues to take major steps in battling cybersecurity threats.
Crypto Service Losses Reach $2.17 Billion
Notably, the attack on CoinDCX marks the latest major hack in the crypto industry, underscoring the ongoing need for robust and evolving security measures. Meanwhile, data by Chainanalysis shows bad actors made away with a total stolen funds of $2.17 billion from crypto services in 2025 H1 alone.
This revelation is highly discouraging as the reported loot is already greater than the total value lost in 2024, which was nearly $2 billion. Chainanalysis warns that if the current rate of successful malicious events continues to occur, the cryptocurrency business may end up losing a projected $4.3 billion to hacks.
Source link
