CoinDCX Hacked $44 Million, No User Funds Lost

Generated by AI AgentCoin World
Monday, Jul 21, 2025 1:34 pm ET1min read
Aime RobotAime Summary

- Indian crypto exchange CoinDCX suffered a $44M hack from an internal liquidity wallet, with no user funds compromised.

- Hackers moved stolen 4,443 ETH and 155,830 SOL through mixers, prompting a 25% bounty for recovery and global security collaboration.

- CoinDCX’s transparent response—covering losses from treasury, disabling vulnerable services—boosted trust despite regulatory scrutiny over custodial risks.

- The breach highlights centralized exchange vulnerabilities, fueling debates for decentralized alternatives and stronger compliance in emerging markets.

On July 19, the Indian crypto community was shaken by the news of a significant security breach at CoinDCX, one of the country’s most trusted crypto exchanges. The hack resulted in the theft of approximately $44 million from an internal operational wallet used for liquidity provisioning on a partner platform. Importantly, no user funds were compromised, as the wallet in question was not tied to customer holdings.

CoinDCX co-founder Neeraj Khandelwal reassured users that all customer assets remained safe and secure. The exchange continued to operate normally, with trading, deposits, and INR withdrawals proceeding without disruption. This demonstrated CoinDCX’s robust crisis management capabilities.

The stolen assets included approximately 4,443 ETH and 155,830 SOL, totaling around $44 million. Blockchain analytics revealed that the hackers moved these funds through mixers and cross-chain bridges, with most of the stolen assets landing in two distinct wallets now under monitoring by crypto sleuths and law enforcement agencies. Some of the funds have already been traced to services like Tornado Cash, complicating recovery efforts.

In response to the breach, CoinDCX launched India’s largest crypto recovery bounty, offering up to 25% of the stolen funds as a reward for information leading to asset recovery. This move has sparked significant interest from white-hat hackers and forensic investigators. The company is engaging with top global security experts and CERT-In to trace every on-chain movement, with $11 million potentially up for grabs, adding urgency to the pursuit.

The CoinDCX Hack serves as a reminder of the evolving threats faced by centralized exchanges. Following last year’s WazirX breach, this incident adds pressure on Indian regulators to mandate stronger compliance, monitoring, and real-time risk controls. Some experts argue that the incident strengthens the case for decentralized exchanges (DEXs) that do not rely on custodial wallets vulnerable to such attacks. Raj Kapoor, founder of India Blockchain Alliance, noted that the CoinDCX Hack is not just a technical issue but also a governance one.

Despite the scale of the breach, CoinDCX’s transparent and proactive response has earned praise from the community. The exchange acted swiftly, disabling vulnerable Web3 services, launching a forensic audit, and immediately informing authorities. They have also confirmed that all losses will be covered using the exchange’s treasury, ensuring zero impact on users. Such proactive behavior reflects positively on CoinDCX’s long-term trustworthiness.

The CoinDCX Hack underscores the pressing need for advanced crypto security, especially in emerging markets. Though $44 million was stolen, the company’s decisive response helped contain the damage and protect user trust. The industry must now look beyond the headlines to address core security infrastructure, transparency, and regulatory gaps.

Comments



Add a public comment...
No comments

No comments yet