On July 19, 2025, CoinDCX, India’s leading cryptocurrency exchange, experienced a significant security breach resulting in the loss of approximately $44 million from one of its internal operational accounts. The compromised account was dedicated solely to liquidity provisioning on a partner exchange. Importantly, the company has assured that customer funds, stored in secure cold wallets, were not affected by this incident.
Details of the Breach
The attack exploited a server-side vulnerability within CoinDCX’s infrastructure, allowing unauthorized access to the operational account. The stolen assets were transferred through Solana-Ethereum bridges and consolidated into 4,443 Ethereum (ETH) and 155,830 Solana (SOL), which remain dormant at this time. Blockchain security researcher ZachXBT highlighted that the attacker’s address was initially funded with 1 ETH via Tornado Cash, a service often used to obfuscate blockchain transactions.
Company Response and Assurance
In response to the breach, CoinDCX’s co-founder and CEO, Sumit Gupta, emphasized the safety of customer assets, stating that user funds are stored in secure cold wallets and remain unaffected. The company has committed to covering the full loss from its own treasury reserves, ensuring that customers do not bear any financial impact. ([businesstoday.in](https://www.businesstoday.in/amp/technology/news/story/coindcx-suffers-44-million-hack-says-customer-funds-are-safe-all-you-need-to-know-485433-2025-07-21?utm_source=openai))
To contain the breach, CoinDCX temporarily suspended its Web3 services but maintained the functionality of centralized trading, INR deposits, and withdrawals. The internal security team, in collaboration with external cybersecurity partners, is actively investigating the incident and tracing the stolen funds. Additionally, CoinDCX is coordinating with a partner exchange to freeze any illicit transfers and plans to launch a bug bounty program to strengthen its defenses against future threats. ([businesstoday.in](https://www.businesstoday.in/amp/technology/news/story/coindcx-suffers-44-million-hack-says-customer-funds-are-safe-all-you-need-to-know-485433-2025-07-21?utm_source=openai))
User Impact and Industry Implications
The incident caused concern among users, leading to a surge in social media activity and temporary strain on CoinDCX’s servers, particularly affecting portfolio services. The company has since increased server capacity to manage the heightened demand. ([businesstoday.in](https://www.businesstoday.in/amp/technology/news/story/coindcx-suffers-44-million-hack-says-customer-funds-are-safe-all-you-need-to-know-485433-2025-07-21?utm_source=openai))
This breach is reminiscent of the 2024 WazirX hack, where over $230 million was stolen by exploiting vulnerabilities in a multisignature wallet. That attack was later linked to North Korea–affiliated groups such as the Lazarus Group. ([businesstoday.in](https://www.businesstoday.in/amp/technology/news/story/coindcx-suffers-44-million-hack-says-customer-funds-are-safe-all-you-need-to-know-485433-2025-07-21?utm_source=openai))
The CoinDCX incident underscores the ongoing challenges in securing cryptocurrency platforms and highlights the need for robust security measures and regulatory frameworks within the industry.
