India-based cryptocurrency exchange CoinDCX suffered a major cyberattack over the weekend, resulting in the loss of approximately $44.2 million from one of its internal operational wallets used for liquidity support, not user accounts.
What happened?
- Early Saturday, internal systems flagged suspicious activity. Blockchain investigators detected illicit transfers via Tornado Cash and a cross-chain bridge moving funds from Solana to Ethereum.
- CEO Sumit Gupta confirmed the breach involved only a “liquidity provisioning” account, not customer wallets. He reassured that user assets remain fully secured in cold storage.
How the exchange responded:
- CoinDCX quickly isolated the affected account, halted Web3 services, and ensured basic operations continued unrestricted.
- The company absorbed the loss using its treasury reserves and engaged cybersecurity firms to trace the stolen funds. A bug bounty program will be launched to prevent future incidents.
Read another finance blog: Click here
Context and pattern:
- The breach echoes the July 2024 WazirX hack, which saw losses of over $234 million, blamed on the Lazarus Group.
- Centralized exchanges continue to be prime hacking targets. Reports show that 65% of Web3 losses are related to exchange vulnerabilities.
Key Takeaways
- Customer Funds Safe: No client assets affected—CoinDCX’s security model worked.
- Internal Risk Exposed: Operational accounts remain a weak spot even for well-funded exchanges.
- Industry Lesson: With millions stolen in 2025, every exchange must tighten internal defenses and transparency.
Questions & Answers:
1. What is the CoinDCX hack all about?
The CoinDCX hack in July 2025 involved the theft of approximately $44.2 million from one of the company’s internal operational wallets. The stolen funds were not from customer accounts.
2. Were customer funds affected in the CoinDCX breach?
No, according to CEO Sumit Gupta, the hack only impacted a liquidity provisioning wallet. All customer funds remain safe and secure in cold storage.
3. How did the CoinDCX hack happen?
Blockchain investigators found that funds were moved via Tornado Cash and through cross-chain bridges from Solana to Ethereum. It was flagged by internal monitoring systems.
4. Is CoinDCX still safe to use?
Yes. CoinDCX responded quickly by isolating the wallet, halting affected services, and reinforcing its cybersecurity. Customer funds were not compromised.
5. What steps is CoinDCX taking after the hack?
CoinDCX is working with cybersecurity firms, planning a bug bounty program, and using treasury funds to cover losses. Web3 operations were paused temporarily.
Leave a Reply