Indian exchange CoinDCX lost $44M in a sophisticated hack targeting internal liquidity systems. User funds remain safe, CEO confirms.
A Sophisticated Breach Hits One of India's Top Crypto Exchanges
In a sobering reminder of the ongoing vulnerabilities plaguing the cryptocurrency space, Indian digital asset exchange CoinDCX suffered a major security breach on Friday, resulting in the loss of approximately $44 million from its operational treasury. The incident, which was reportedly the result of a sophisticated server-level exploit, has sent shockwaves through India’s Web3 and fintech communities, even as the exchange assures users that their personal assets remain fully secure.
CoinDCX, one of India’s largest and most well-funded crypto platforms, confirmed the breach over the weekend. CEO and co-founder Sumit Gupta addressed the issue publicly on Saturday, revealing that the hack had targeted a specific internal account used for liquidity provisioning. Importantly, Gupta emphasized that the compromised account was completely segregated from customer holdings.
“The incident was quickly contained by isolating the affected operational account. Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us, from our own treasury reserves,” Gupta stated.
While the reassurance has helped prevent a full-blown panic among users, the magnitude of the breach and the method of attack point to a larger issue facing crypto exchanges today: no system is completely immune, especially when managing multi-chain liquidity across centralized and decentralized platforms.
How the CoinDCX Hack Happened
According to early forensic data shared by blockchain investigator ZachXBT, the attacker’s wallet was initially funded with 1 ETH via Tornado Cash, a privacy-focused crypto mixer often used by hackers to obfuscate fund origins. The attacker then moved to siphon off assets through a multi-chain strategy, bridging a significant portion of the stolen funds from Solana to Ethereum.
This complex cross-chain maneuvering showcases the growing sophistication of cybercriminals who exploit liquidity tools and decentralized bridges to hide their tracks in real time. CoinDCX did not release further technical details regarding how the internal systems were breached but confirmed it was an isolated account used for liquidity provisioning with other platforms, rather than customer wallets or cold storage vaults.
Why User Funds Remain Safe
Perhaps the most critical part of Gupta’s response was his clarity on asset segregation. In a year riddled with exchange collapses and smart contract exploits, transparency is key to retaining user trust. CoinDCX has stated that the impacted account did not contain or have access to any customer holdings. All user wallets, custodial or non-custodial, remain untouched and secure.
To that end, the exchange has promised to absorb the entire financial loss from its own reserves, protecting users from any fallout. The CEO also committed to working closely with on-chain investigators, security consultants, and regulators to identify the culprit and possibly recover some of the stolen assets.
The Unsettling Coincidence: WazirX Hacked on Same Day, One Year Ago
In an eerie twist of fate, popular Indian crypto exchange WazirX had also been hacked exactly one year ago on the same date, losing approximately $235 million. Analyst Infinity Hedge highlighted the coincidence, noting it may not be random. Whether or not these events are connected, it’s a powerful reminder of the recurring cybersecurity threats that continue to plague the digital asset space.
The incident at WazirX in 2024 had drawn attention to lapses in wallet security and internal key management. The repeat of a major Indian exchange being targeted exactly a year later raises concerns about how local exchanges are being monitored by global threat actors and whether the Indian ecosystem has truly evolved its cybersecurity posture.
Not an Isolated Incident: A Month of Exchange Hacks
The CoinDCX breach is just one in a series of alarming hacks targeting crypto exchanges and DeFi platforms over the past month. The frequency and scale of these attacks point to a broader trend of intensifying cyber warfare within Web3.
- June 18, 2025: Iran-based exchange Nobitex lost $100 million in a politically motivated attack by a pro-Israeli hacker group named “Gonjeshke Darande.” The attackers didn’t stop at theft; they leaked the exchange’s full source code online, potentially endangering millions of users.
- July 9, 2025: The GMX V1 protocol, a decentralized perpetual trading platform on Arbitrum, was exploited for $40 million. In a rare outcome, the hacker eventually returned the full amount, settling for a $5 million white-hat bounty instead.
- July 16, 2025: Arcadia Finance, a DeFi platform focused on yield-bearing smart contracts, suffered a $3.5 million exploit. The vulnerability was traced to a smart contract misconfiguration, once again highlighting the risk of unaudited or rushed deployments in DeFi.
These incidents paint a clear picture: whether centralized or decentralized, no platform is off-limits for attackers.
What's Next for CoinDCX?
CoinDCX is now facing the daunting task of rebuilding trust both with retail users and institutional partners. As of this writing, the company has not confirmed whether law enforcement or cybercrime agencies have been formally involved, though such investigations are typically initiated in parallel with internal audits.
The exchange is reportedly in the process of tightening its infrastructure and reevaluating its multi-chain risk exposure. Several blockchain forensic firms have already begun tracing the attacker’s movements, and community analysts are watching the suspect wallet addresses closely for any signs of fund movement.
Sumit Gupta has indicated that a full postmortem will be shared once investigations are complete. The platform is also expected to release an updated security roadmap in the coming weeks, one that may include new insurance protocols, third-party audits, and stricter internal controls.
The Real Cost: Reputation vs. Reserves
For CoinDCX, the loss of $44 million, while substantial, is not necessarily crippling. The platform has previously raised over $100 million from leading venture firms like Coinbase Ventures, Polychain Capital, and Bain Capital and reportedly maintains healthy treasury reserves.
But the real test lies in restoring user confidence. In an industry where a single breach can trigger mass withdrawals, every minute of downtime or opaque communication carries immense reputational risk.
For now, the company has managed to avoid a customer exodus by acting quickly, communicating clearly, and, most importantly, protecting user funds. But the coming weeks will determine whether India’s premier exchange can rebuild the trust it has spent years cultivating.
Lessons for the Industry
The CoinDCX hack underscores several important lessons for the broader crypto and Web3 industry:
- Segregation of Funds Works—Had user wallets been linked to liquidity operations, the damage would have been far worse.
- Internal Accounts Are Still Attack Vectors— Exchanges need to protect not just front-end APIs or smart contracts but also backend systems and service accounts.
- Transparency and Rapid Communication Matter—Gupta’s swift statement prevented panic, showcasing the importance of crisis communication.
- Multi-chain Bridges Remain a Major Risk—As attackers continue to abuse cross-chain bridges, protocols must tighten controls or reduce exposure altogether.
- Private Tools Like Tornado Cash Are Still in Use— Despite regulatory crackdowns, privacy tools are still favored by hackers to mask their trails.
Final Thoughts: Can Indian Crypto Bounce Back?
The CoinDCX incident could have been far more damaging had it not been for asset segregation and a swift response. Still, it's a sobering wake-up call. India’s crypto ecosystem is maturing rapidly, but with that growth comes an obligation to match security standards seen in traditional finance.
As more users and institutions enter the market, the pressure on exchanges to deliver both innovation and protection will only intensify. Whether CoinDCX becomes a cautionary tale or a comeback story will depend on how it manages this crisis and how fast the rest of the industry learns from it.
