Nazia Saeed
- CoinDCX loses $44M after an internal liquidity account is compromised via server breach
- Hackers used Tornado Cash to fund the exploit and bridged stolen assets across chains
- Recent exchange hacks include Nobitex ($100M), GMX ($40M), and Arcadia Finance ($3.5M)
Indian cryptocurrency exchange CoinDCX suffered a $44 million security breach on Friday, making it the latest high-profile crypto platform to fall victim to cyberattacks. The exploit targeted one of the exchange’s internal operational accounts used for liquidity provision, co-founder and CEO Sumit Gupta confirmed in a post on Saturday.
Gupta described the incident as a “sophisticated server breach”, stressing that no customer funds were affected by the attack.
The incident was quickly contained by isolating the affected operational account, he said. Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed, from own treasury reserves.
Newsletter
Get weekly updates on the newest crypto stories, case studies and tips right in your mailbox.
The $44 million stolen did not come from client deposits but rather from CoinDCX’s own reserves. The CEO did not specify the method used to gain access but confirmed the breach was confined to a single account interacting with another exchange.
Onchain activity traced to Tornado Cash and cross-chain moves
Blockchain investigator ZachXBT tracked the attacker’s wallet activity, noting that the address was initially funded with 1 Ether via Tornado Cash, a crypto mixer often used to obfuscate fund flows. A portion of the stolen assets was later bridged from Solana to Ethereum, he added.
The incident echoes previous major attacks on Indian crypto platforms. Market analyst Infinity Hedge pointed out that WazirX was hacked for $235 million on the same date one year ago, underlining the ongoing cybersecurity risks in the sector.
Wave of crypto exchange hacks continues globally
CoinDCX’s breach follows a series of high-value hacks across the crypto ecosystem in recent weeks.
- On June 18, Iranian exchange Nobitex lost $100 million in a politically motivated attack claimed by pro-Israel hacker group Gonjeshke Darande, which later leaked the platform’s source code online.
- On July 9, GMX V1, a version of the GMX perpetual exchange on Arbitrum, suffered a $40 million exploit. The hacker later returned the funds in exchange for a $5 million white hat bounty.
- Earlier this week, DeFi protocol Arcadia Finance was drained of $3.5 million due to a smart contract vulnerability.
CoinDCX has not disclosed whether law enforcement or cybersecurity firms have been engaged, but the company says it will continue updating the public as the investigation proceeds.
