$44 Million Crypto Hack Hits Indian Exchange CoinDCX
Indian cryptocurrency exchange CoinDCX has confirmed a $44 million security breach, marking a serious blow to one of India’s leading digital asset platforms. The breach, which occurred on Friday, July 19, 2025, is being described as a “sophisticated server attack” that targeted an internal account used for liquidity operations.
According to the exchange’s official statement, the attacker exploited a single operational wallet, which was segregated from customer wallets, thereby ensuring user assets remained untouched. All customer funds are still safely stored in cold wallets, a practice used to protect digital assets from online threats.
Breach Details: Tornado Cash and Cross-Chain Movement
Blockchain analyst ZachXBT was the first to uncover suspicious activity, leading to a public admission from CoinDCX. His investigation revealed that the wallet involved was funded through Tornado Cash, a well-known crypto mixing service.
The attacker later moved part of the stolen funds from Solana to Ethereum, raising concerns over how cross-chain vulnerabilities can be exploited. These actions indicate a high level of planning and execution, making it one of the more complex exchange breaches in recent memory.
Response From CoinDCX: No Customer Loss, Treasury Absorbs Hit
CoinDCX’s CEO, Sumit Gupta, issued a public statement shortly after the breach was confirmed. He emphasized that the attack was contained swiftly, and that the financial loss will be absorbed by the exchange’s treasury rather than passed on to users.
“Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us,” Gupta said.
The company has engaged with top-tier cybersecurity firms and is collaborating with global exchange partners to track and freeze the stolen assets.
Unsettling Coincidence: One Year After WazirX Hack
The breach comes exactly one year after the $235 million WazirX hack, raising alarms across the Indian crypto sector. The coincidence has sparked speculation around coordinated targeting of Indian exchanges and renewed discussions on security infrastructure in the crypto space.
Conclusion: Call for Stronger Crypto Security in India
While CoinDCX has managed to protect its customers and absorb the loss internally, the incident highlights the urgent need for improved internal controls, cross-chain security protocols, and third-party audit mechanisms.
Such breaches erode public trust and regulatory confidence at a time when India’s crypto market is seeking global legitimacy.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.