The Daily Star Lebanon Breaking News, Lebanon News, Middle East News & World News
India’s cryptocurrency landscape was rocked once again by a significant security breach—almost exactly one year after the infamous WazirX incident. On July 19, CoinDCX, one of the country’s leading centralized digital asset exchanges, confirmed a cyberattack that led to the loss of nearly $44 million (₹368 crore). The intrusion targeted an internal liquidity wallet, prompting immediate containment efforts and drawing fresh scrutiny to the nation’s crypto security protocols.
Breach Details and Blockchain Tracing
The incident first came to light through blockchain investigator ZachXBT, who flagged suspicious activity on Telegram. According to his analysis, the attacker utilized Tornado Cash—an anonymizing Ethereum-based protocol—to fund the wallet with one ETH before siphoning off the assets. A portion of the stolen funds was later moved cross-chain from Solana to Ethereum, further complicating efforts to track the digital trail.
Notably, ZachXBT pointed out that the compromised wallet was not publicly labeled or included in CoinDCX’s published proof-of-reserves. He had to backtrace the transactions through counterparty interactions, raising concerns about undisclosed internal wallet infrastructure in crypto operations.
CoinDCX’s Immediate Response and Transparency
In a statement posted to X (formerly Twitter), CoinDCX co-founder and CEO Sumit Gupta acknowledged the breach and described it as a “highly sophisticated server-side exploit.” He clarified that the attack affected only an internal operational wallet used for liquidity provisioning on a third-party exchange. Gupta was quick to assure users that all customer assets were fully secure, stored separately in cold storage infrastructure, and unaffected by the incident.
“The affected account was isolated rapidly, and the exposure has been completely absorbed by our treasury,” Gupta emphasized. He also confirmed that trading and INR withdrawals remain uninterrupted and that CoinDCX is actively collaborating with its partner exchange to freeze the compromised funds. Plans are underway to introduce a bug bounty initiative aimed at fortifying platform defenses.
Confirmation of Loss and Precautionary Measures
Fellow co-founder Neeraj Khandelwal corroborated the total loss of approximately $44 million. In his own post on X, Khandelwal explained that the team delayed a public disclosure to focus on securing affected systems and preventing further exposure. He added that while the platform’s Web3 trading services were briefly paused out of caution, no user-held assets in that domain were compromised. “Web3 operations will resume shortly,” he assured.
Reiterating Gupta’s stance, Khandelwal stated that CoinDCX’s internal reserves would fully cover the loss. “Our treasury is absorbing the impact,” he wrote, expressing the team’s commitment to asset recovery and long-term security improvements.
Echoes of the WazirX Breach and Future Ramifications
The timing of this breach is particularly striking—it occurred exactly one year after the July 18, 2024, WazirX hack, which saw attackers steal $234 million. That incident was linked to North Korea’s Lazarus Group and brought global attention to vulnerabilities in Indian crypto exchanges.
In the wake of the CoinDCX breach, blockchain security firm Cyvers flagged abnormal outflows that helped uncover the exploit. Investigations are now underway with assistance from cybersecurity and crypto forensic experts to trace the attacker’s path and potentially retrieve funds.
