19.07.2025 23:56
A sophisticated cyberattack resulted in the theft of approximately $44.2 million from CoinDCX, a prominent Indian cryptocurrency exchange. The attack, remaining undetected for a full 17 hours, highlights significant vulnerabilities in the exchange's security protocols and crisis management procedures. This incident underscores the ongoing challenges faced by the Indian cryptocurrency industry in maintaining robust security measures.
The breach did not come to light through a timely public announcement from CoinDCX; it was first uncovered by independent on-chain investigator ZachXBT. ZachXBT's investigation traced the attacker's trail from its starting point, a single ETH from Tornado Cash, through various cross-chain bridges, with the $44.2 million ultimately laundered across the Solana and Ethereum networks. The attacker's success stemmed partly from the fact that the compromised hot wallet wasn't listed in CoinDCX's publicly available proof-of-reserves, so it remained hidden from public scrutiny. This lack of transparency raises substantial concerns about the exchange's security practices and overall communication strategy.
Following ZachXBT's public revelation, CoinDCX CEO Sumit Gupta acknowledged the breach via social media. Gupta confirmed the successful exploit of an internal hot wallet used for liquidity provision on a partner exchange, attributing the incident to a highly complex server attack. He emphasized that no user funds were compromised, assuring customers that the company's treasury would absorb all losses. Furthermore, Gupta reassured users that the affected wallet had been immediately isolated and that all trading and withdrawal functionalities continued uninterrupted. These statements aim to restore public confidence, although the prolonged period of silence before disclosure remains a point of contention.
This incident serves as a stark reminder of the inherent risks within the cryptocurrency landscape and the need for heightened security measures and transparent communication by exchanges. The reliance on independent investigators to uncover major breaches underscores a critical need for improved internal security practices and proactive disclosure by companies in the crypto space. The use of stealthy cross-chain tools by attackers, originating from a seemingly insignificant starting point (one ETH), further illustrates the sophisticated nature of modern cyber threats and the need for continuous adaptation and innovation in security technologies. Internet sources indicate a broader concern for the security of Indian cryptocurrency exchanges.