Solana News Today: CoinDCX Loses $44.2 Million in Cyberattack on Solana Wallet

Generated by AI AgentCoin World
Saturday, Jul 19, 2025 4:41 pm ET2min read
Aime RobotAime Summary

- Indian exchange CoinDCX lost $44.2M in a cyberattack exploiting a Tornado Cash-funded breach on Solana.

- CEO Sumit Gupta confirmed a sophisticated server breach but assured customer funds remain secure in cold wallets.

- Over 65% of Q2 2024 Web3 losses stemmed from CEX breaches, highlighting systemic security flaws in centralized exchanges.

- The incident underscores vulnerabilities in DeFi platforms and calls for stronger cybersecurity measures across the crypto industry.

An Indian centralized exchange, CoinDCX, recently suffered a significant cyberattack, resulting in the theft of approximately $44.2 million in USDC and USDT from one of its operational wallets on Solana. The hack was detected by Cyvers, a blockchain security firm, which noted that the attacker(s) used 1 ETH from Tornado Cash to fund the attack. Part of the stolen funds, amounting to $15.8 million, was transferred to Ethereum via a bridge.

The breach was first detected late on July 18, and CoinDCX confirmed the incident on July 19 via X, formerly Twitter. Sumit Gupta, the CEO of CoinDCX, acknowledged that one of the exchange’s internal operational accounts was compromised due to a “sophisticated” server breach. However, Gupta assured users that the wallets used to store customer assets were not impacted and remain “completely safe.” All trading activity and withdrawals continue to operate normally.

In response to the breach, CoinDCX has taken several steps to mitigate the damage and enhance its security protocols. The exchange’s internal security and operations teams, along with leading cybersecurity partners, are investigating the matter, patching vulnerabilities, and tracing the movement of funds. CoinDCX is also collaborating with other exchange partners to block and recover assets, and plans to launch a bug bounty program soon.

The attack on CoinDCX is part of a broader trend of sophisticated access control attacks targeting centralized exchanges. According to Cyvers CTO Meir Dolev, over 65% of losses in Web3 during Q2 2024 originated from centralized exchange (CEX)-related incidents, with nearly $500 million lost due to wallet access breaches. These incidents highlight systemic weaknesses in the security systems used by centralized exchanges, prompting calls for exchanges to rethink their security posture and move beyond reactive defenses.

The compromised hot wallet, which is designed for frequent transactions, underscores the risks associated with hot wallets compared to cold wallets, which are stored offline and generally considered more secure. The incident serves as a reminder of the need for a balanced approach to security, where exchanges must protect digital assets while still providing users with the convenience they expect.

The attack on CoinDCX has raised concerns among investors and users about the safety of their funds. The exchange has assured its users that it is taking all necessary steps to recover the lost assets and prevent future breaches. The company has also pledged to provide regular updates on the investigation and the measures being taken to strengthen its security infrastructure.

The cryptocurrency industry has seen a series of high-profile hacks in recent years, with exchanges and wallets being targeted by sophisticated cybercriminals. These incidents have led to calls for greater regulation and oversight in the industry, as well as increased investment in cybersecurity measures. The exchange's response to the hack will be closely watched by industry stakeholders, who are looking for assurances that such incidents can be prevented in the future.

The incident also raises questions about the role of decentralized finance (DeFi) platforms in the cryptocurrency ecosystem. DeFi platforms, which allow users to lend, borrow, and trade cryptocurrencies without intermediaries, have gained popularity but are also vulnerable to hacking attempts due to their reliance on smart contracts. The incident serves as a reminder of the need for greater vigilance and security measures in the DeFi space.

The cryptocurrency industry is still in its early stages, and incidents like the hack on CoinDCX are likely to continue as the technology evolves. However, the industry is learning from these incidents and taking steps to improve its security measures. The exchange's response to the hack will be a test of its resilience and commitment to protecting its users' funds. The outcome of the investigation and the measures taken to prevent future breaches will be closely watched by industry stakeholders and users alike.

Comments



Add a public comment...
No comments

No comments yet