- Trending
- Comments
- Latest
Early Saturday morning, hackers breached the CoinDCX crypto exchange’s internal systems, siphoning $44 million from an operational wallet used for liquidity provisioning.
The attack was first flagged by blockchain investigator ZachXBT, who noted the stolen funds were partially bridged from Solana to Ethereum.
Within minutes of ZachXBT’s alert, CoinDCX CEO Sumit Gupta confirmed the exploit on X, calling it a “sophisticated server breach” but stressing that customer assets held in cold wallets were untouched.
“The CoinDCX crypto exchange wallets storing user funds are not impacted and remain completely safe,” — Sumit Gupta, CEO of CoinDCX, in a public statement.
The delay in disclosure (17 hours after the attack) has
raised eyebrows, though Gupta emphasized the breach was contained to corporate funds. The CoinDCX crypto exchange is collaborating with its partner exchange to freeze and recover assets, alongside plans for a bug bounty program.
The hack comes exactly one year after North Korea’s Lazarus Group drained $230 million from WazirX, India’s then-largest crypto exchange, forcing its eventual shutdown. While no group has claimed responsibility for the CoinDCX crypto exchange attack, analysts speculate whether Lazarus or another state-sponsored actor is involved.
“The timing and scale suggest a coordinated effort, but attribution requires deeper forensics,” — Rashmi Deshpande, cybersecurity analyst at Chainalysis, to The Block.
“The company is working closely with cybersecurity experts to investigate the breach and has pledged to cover all losses using its own reserves. CoinDCX has emphasized its commitment to transparency throughout the recovery process,” CoinDCX’s X post added.
CoinDCX, India’s first crypto unicorn with a $2.15 billion valuation, had positioned itself as a safer alternative post-WazirX. Its 2024 acquisition of Dubai’s BitOasis marked aggressive global ambitions, now clouded by the breach.
Despite Gupta’s assurances, the CoinDCX crypto exchange has faced criticism for its restrictive withdrawal policies. Users must pass internal risk assessments to withdraw crypto, a measure Gupta defends as anti-money laundering (AML) compliance.
“Crypto withdrawals aren’t default-enabled to prevent illicit fund movement. We enable them after enhanced due diligence,” — Sumit Gupta, in a May 2025 Reddit AMA.
The exchange’s $7 million insurance fund—disclosed in June’s proof of reserves—covers just 16% of the $44 million loss. With 20 million users and $584 million in holdings, the CoinDCX crypto exchange now faces pressure to prove its “multi-layered security” claims.
Crypto communities are debating whether the CoinDCX crypto exchange’s treasury-backed recovery plan sets a precedent or masks systemic vulnerabilities. Some contrast it with WazirX’s collapse, while others note its swift transparency.
“Exchanges must prioritize real-time monitoring over post-hack damage control. The 17-hour gap is unacceptable,” — Nischal Shetty, founder of rival exchange Shardeum, to CoinDesk.
Vivek Shah (CA, LLB), crypto forensic auditor & tax expert, has this to say:
“With an increasing number of crypto exchange hacks in the last few years, it is time for a global regulation and legal framework to protect customers & investors funds. Centralized Crypto Exchanges must invest much more in cybersecurity like traditional banks & financial institutions..”
CoinDCX has not clarified if regulatory filings or law enforcement involvement will follow. For now, trading continues uninterrupted—a relief for users, but a stark reminder of crypto’s persistent security risks.
The CoinDCX crypto exchange lost $44 million in a server breach, but customer funds were unharmed.
CEO Sumit Gupta pledged treasury coverage, though the insurance fund covers only 16% of losses.
The hack revives trauma from WazirX’s 2024 collapse, though attribution remains unclear.
The Bit Gazette will continue to monitor developments and report them as they unravel.
Copyright © 2025 - The Bit Gazette.
