CoinDCX Confirms $44M Hack, Customer Funds Unaffected
New Delhi, July 21, 2025 – India’s prominent cryptocurrency exchange CoinDCX has confirmed that on July 18, a sophisticated cyberattack resulted in the theft of approximately $44.2 million (Rs 368 crore) from one of its internal operational accounts used for liquidity provisioning on a partner exchange. Despite the breach, CoinDCX has assured that customer wallets and funds remain completely secure The Economic Times+12www.ndtv.com+12Business Today+12Deccan Herald+13India Today+13The Economic Times+13.
📉 What Happened and How
CoinDCX co-founder Sumit Gupta stated the attack exploited a server-side vulnerability, allowing hackers to access private keys securing internal hot wallets Coinpaper+3AInvest+3Business Today+3.
The stolen assets included tokens from the Solana-Ethereum bridge, notably 4,443 ETH (~$15.7 million) and 155,830 SOL (~$27.6 million) AInvest+2India Today+2India Today+2.
🛡️ Cash Reserves to Cover the Loss
CoinDCX has committed to bear the entire financial loss from its treasury reserves—protecting users from any impact. All other services, including trading and INR withdrawals, have continued uninterrupted X (formerly Twitter)+12www.ndtv.com+12The Economic Times+12.
🚨 Emergency Response & Security Upgrade
-
The Exchange temporarily suspended Web3 services as a precaution Navbharat Times+10Business Today+10The Economic Times+10.
-
An investigation team, alongside cybersecurity partners and CERT-In, is tracing the stolen funds and patching vulnerabilities AInvest+8The Economic Times+8www.ndtv.com+8.
-
CoinDCX plans to launch a bug bounty program to strengthen future security Navbharat Times+12Business Today+12www.ndtv.com+12.
🌐 Industry Context & Warning
This marks India’s second major crypto breach in a year, following WazirX’s $235M hack in July 2024 The Economic Times+7India Today+7India Today+7. The incident highlights persistent security gaps in crypto infrastructure and the need for robust protective measures mint.
🧩 Looking Ahead
CoinDCX reaffirmed its dedication to transparency and resilience. The CEO emphasized the breach is a “wake-up call” and pledged to set new benchmarks for security standards in India’s digital asset ecosystem India Today+1India Today+1.
