CoinDCX, one of India’s largest centralized crypto exchanges, has lost over $44 million in a coordinated wallet breach — but user funds remain safe.
A Sophisticated Attack Hits CoinDCX
In a major security incident, Indian crypto exchange CoinDCX reported a loss of approximately $44.2 million after hackers infiltrated one of its operational wallets. The breach, which affected assets primarily held on the Solana blockchain, resulted in a significant portion of the stolen funds being bridged to Ethereum, according to blockchain sleuth ZachXBT and cyber analytics firm Cyvers.
Particularly notable was the use of Tornado Cash, a crypto mixing service, to fund the attack. Hackers began the exploit with just 1 ETH sourced from Tornado Cash, which they used to compromise the wallet and siphon off tens of millions in stablecoins.
CoinDCX’s Swift Response
Sumit Gupta, CEO of CoinDCX, acknowledged the breach and emphasized that no user assets were affected. He explained that the compromised wallet was linked to a liquidity management account used on a partner platform. In a statement, Gupta reassured the community that user funds are securely stored in cold wallets and that INR withdrawals are functioning normally.
To mitigate the damage and ensure trust, CoinDCX confirmed that all losses will be covered using the company’s internal reserves. The compromised account was immediately isolated, and the company launched an internal probe in collaboration with cybersecurity professionals to trace the breach and fortify infrastructure.
Strengthening Security and Restoring Trust
Beyond immediate containment, CoinDCX is prioritizing transparency and security. The team is launching a bug bounty program, inviting ethical hackers to identify potential vulnerabilities before malicious actors can exploit them. This initiative aims to build long-term trust and ensure the resilience of CoinDCX’s digital ecosystem.
This event underscores the growing sophistication of cyber threats in the cryptocurrency space, especially targeting operational wallets that are critical for platform liquidity. With the recent hack of BigONE exchange involving $27 million just days earlier, the industry is under renewed pressure to enhance its cybersecurity defenses.
Conclusion
While the CoinDCX breach highlights the inherent risks of hot wallets, the platform’s rapid response, financial transparency, and commitment to covering losses have helped maintain user confidence. User funds are secure, and the exchange is now more focused than ever on reinforcing its infrastructure against evolving cyber threats.
