19.07.2025 21:37

On Friday, a significant security breach at CoinDCX, a prominent Indian cryptocurrency exchange, resulted in the theft of $44 million. The hackers cleverly exploited a vulnerability within CoinDCX's internal systems, specifically targeting an account utilized for liquidity provisions with a separate exchange. This breach occurred via a compromised server, highlighting the persistent dangers facing even established cryptocurrency platforms.

Despite this substantial loss, CoinDCX CEO Sumit Gupta reassured users that no customer funds were compromised during the incident. He emphasized the complete segregation of operational accounts from customer wallets, ensuring the company's internal reserves would fully cover the $44 million deficit. Swift action, isolating the affected account, contained the breach promptly.

On-chain investigator ZachXBT meticulously tracked the stolen funds, revealing a complex trail. The attacker's receiving address initially received 1 Ether (ETH) via Tornado Cash, a privacy-enhancing tool, before strategically bridging a portion of the stolen cryptocurrency from the Solana to the Ethereum blockchain. This sophisticated approach underscores the challenges in tracing and recovering funds stolen in such attacks.

While CoinDCX did not respond to requests for comment from Cointelegraph before publication, the incident serves as a stark reminder of the ongoing vulnerabilities within the cryptocurrency industry. The coincidence of this hack with the anniversary of WazirX's $235 million breach last year further emphasizes the persistent need for robust cybersecurity measures. This underscores the critical importance of robust security protocols for all players, large and small, in the volatile world of digital assets.

Furthermore, the CoinDCX incident is only one of several recent high-profile attacks on cryptocurrency exchanges. Nobitex, an Iranian exchange, suffered a $100 million loss in a politically charged attack attributed to the "Gonjeshke Darande" group, who also leaked the exchange's source code, exacerbating the damage. Meanwhile, GMX V1, a version of the GMX Protocol's perpetual exchange on Arbitrum, also experienced a successful exploit in early July, resulting in further significant losses. These events, sourced from various internet resources, paint a concerning picture of the ongoing challenges faced by the cryptocurrency sector in maintaining secure operations.