CoinDCX Experiences $44.2M Security Incident; Customer Funds Verified as Secure

On July 19, CoinDCX, a prominent crypto trading platform in India, experienced a vulnerability breach amounting to $44.2M, targeting an internal wallet. Funds belonging to customers remain secure, as the breach did not compromise reserves.

Crypto exchanges encompass three essential elements of trading: settlement, execution, and custody. In conventional finance, these roles are divided, which allows exchanges like the NYSE and NASDAQ to be resilient against failures that could lead to substantial losses. However, in the realm of crypto asset, the dynamics vary greatly.

The tokens for which exchanges offer available volume are decentralized, and exchanges hold the responsibility of safeguarding user assets to shield them from cybercriminals. Over time, hackers have grown more adept, executing some of the largest thefts leading to billions in losses, affecting even prominent Solana meme coins. This year, Bybit recorded losses exceeding $4 billion but swiftly rebounded without halting operations.

DISCOVER: 20+ Next Crypto to Explode in 2025 

CoinDCX Vulnerability breach Resulting in $44 Million Rekt

On July 19, CoinDCX, among India’s largest crypto asset exchanges, faced a wrecked exceeding $44 million in USDC and other digital assets from an internal wallet.

Importantly, this digital wallet was distinct from the exchange’s reserves, assuring that user funds, typically verified through proof-of-reserves, remained intact.

The safety breach was initially identified by ZachXBT and Cyvers Alerts on X, detecting unauthorized movements from the trading protocol, which raised alarms over central exchanges’ vulnerabilities. Experts pointed out that the breach focused on an internal wallet designated for providing available volume on a partner exchange.

As noted, this digital wallet was distinct from CoinDCX’s shared proof-of-reserves. The attacker initiated the breach with 1 Ethereum, subsequently routing funds through Tornado Cash, a crypto mixing service.

Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago.
Here's what we know:
– The hacker stole around $44.2M in USDC/USDT from one of the exchange's operational wallets on Solana.
– The hacker funded the hack with 1 ETH from Tornado Cash.
– Part of the… pic.twitter.com/5PLliaZ6m4

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 19, 2025

Afterward, the hacker executed a series of transactions to obfuscate the original routing, converting the stolen assets into ETH ▲2.03% and SOL ▲5.58% before transitioning them across various blockchains. By diversifying the funds across several intermediary wallets, the hacker sought to hinder tracing efforts.

DISCOVER: Next 1000X Crypto: 10+ Crypto Tokens That Can Hit 1000x in 2025

Actions Taken: User Assets Secure

CoinDCX did not recognize the breach immediately. Per ZachXBT, the stolen assets were moved 17 hours prior to the exchange admitting the exploit. This lag in response has garnered significant backlash from the community, with many questioning the exchange’s transparency and readiness.

Why is a CoinDCX team member telling people to engage with this post and thank you for the “transparency”?

Your team waited 17 hours to disclose (not until after it was alerted publicly) pic.twitter.com/jElwOd9IHY

— ZachXBT (@zachxbt) July 19, 2025

In reply, Sumit Gupta, the CEO, stressed that no customer funds were compromised, as funds maintained separation. The protocol pledged to absorb the wrecked through its corporate treasury, guaranteeing no negative effect on its user community.

Since yesterday the CoinDCX team has been working around the clock and we have published the First Incident Report on the July 19th server breach. The report covers all the key points:

-Customer funds are 100% safe. All user assets are stored in segregated cold wallets.
-The… https://t.co/Ouuplc521Q

— Sumit Gupta (CoinDCX) (@smtgpt) July 20, 2025

Moreover, CoinDCX temporarily halted crypto operations, including fiat withdrawals, while some essential trading activities continued undisturbed.

The exchange is working together with partner exchanges and outside cybersecurity firms to examine the situation and recover the stolen assets. The wallet addresses used by the attacker have been disclosed, and blockchain investigators have been requested to aid in tracing the misappropriated funds.

To strengthen its security measures, CoinDCX introduced a bug bounty recovery program. Participants who assist in reclaiming assets will be eligible for up to 25% of the amount reclaimed.

Announcing the @CoinDCX Recovery Bounty Program: Up to 25% of any recovered funds will be awarded to individuals or teams who can help trace and retrieve the stolen crypto.

Just to give more context:
-> We want to be upfront. The exposure was from our own reserves, and we have… https://t.co/GHHlxf3PxB

— Sumit Gupta (CoinDCX) (@smtgpt) July 21, 2025

Previously, WazirX, another prominent Indian exchange, fell victim to a hack, losing $235 million due to a vulnerability in its multisig digital wallet. This amount represented nearly 50% of its total reserves and included losses from some of the most sought-after cryptos.

Similarly to the CoinDCX incident, the assailant, connected to the Lazarus Group, utilized Tornado Cash to mask the transactions.

DISCOVER: Next 1000x Crypto – 12 Coins That Could 1000x in 2025

The post CoinDCX Suffers $44.2M Safety Breach; Customer Funds Confirmed Safe appeared first on 99Bitcoins.