21.07.2025 22:14

A significant security incident impacting India's leading cryptocurrency exchange, CoinDCX, resulted in a $44.2 million loss on July 19, 2025. Despite this substantial breach, the company swiftly reassured its users that all customer funds remain completely secure.

The hack targeted an internal liquidity wallet, separate from the cold storage wallets holding customer assets. This operational wallet, utilized for liquidity provisioning on a partner platform, was compromised through a targeted server vulnerability, according to CEO Sumit Gupta. Importantly, this breach did not affect the exchange's primary cold storage system, which maintains a robust proof-of-reserve protocol for user funds.

Following the discovery of the breach – approximately 17 hours after its initiation – CoinDCX immediately took action. The stolen funds were traced, revealing their movement through Tornado Cash, a known cryptocurrency mixer designed to obscure transaction origins. Furthermore, the attacker's activity involved bridging assets between the Ethereum and Solana blockchains, a tactic frequently employed to further complicate tracking efforts. Blockchain investigators, including ZachXBT and Cyvers Alerts, independently identified these suspicious transactions prior to CoinDCX's official announcement.

CoinDCX's response demonstrated a commitment to transparency and user protection. The company, utilizing its own treasury, will absorb the entire $44.2 million loss. Simultaneously, they've launched a bug bounty program, actively seeking to recover the stolen assets and enhance their security protocols. Despite the incident, the vast majority of CoinDCX's services continue to operate normally, with the exchange collaborating closely with cybersecurity experts and its partners in an ongoing investigation. The incident underscores the evolving challenges in safeguarding digital assets within the cryptocurrency ecosystem.