Indian Crypto Exchange CoinDCX Loses $44.2 Million to Hackers

Enthusiasts wondered why CoinDCX shielded users from information about the exploit for 17 hours, only to open up after ZachXBT had exposed it.

Ephraim Emmanuel

Last updated:

19 July 2025 @ 23:16 UTC

Why Trust CTW

CTW is a fresh voice in the world of cryptocurrency, offering clear and insightful coverage of the ever-evolving digital asset landscape. Backed by a team of passionate writers and crypto enthusiasts, we dive deep into market trends, emerging technologies, and innovative blockchain projects. We hope to become your go-to source for up-to-date information in this fast-paced industry.

Share

Indian cryptocurrency exchange CoinDCX has suffered a significant security breach, resulting in a loss of approximately $44.2 million. This incident remained undisclosed for 17 hours until blockchain investigator ZachXBT exposed it. The attack employed a sophisticated strategy utilizing Tornado Cash and cross-chain transfers.

Hacker’s Mode of Operation

The hacker targeted an internal operational wallet instead of user funds. Because this wallet was not listed in CoinDCX’s proof-of-reserve reports, tracking the breach was difficult. Security firm Cyvers first noticed suspicious transactions, prompting ZachXBT to investigate and confirm the breach through Telegram.

ZachXBT reported that the hacker used Tornado Cash to fund their account and then transferred the stolen money from Solana to Ethereum. This method made it hard to track the attacker’s actions and has led to a thorough investigation into CoinDCX’s security measures. Users are anxious for more information as the situation develops.

The hacker used Tornado Cash to hide the source of the stolen funds. This service allows criminals to mix their transactions and remain anonymous. Recent cases, such as a $3.2 million theft linked to North Korea’s Lazarus Group and a $1.4 billion hack of Bybit, show why cybercriminals often use Tornado Cash.

CoinDCX Responds to Exploit

In response to the attack, CoinDCX’s CEO, Sumit Gupta, reassured customers on X about the safety of their assets. He emphasized the exchange’s commitment to being open with its users.

“I understand incidents like this can be unsettling, even when customer assets are unaffected. That’s why I am sharing this incident with you with full transparency…. Thank you for your continued trust. I will keep you informed on a real-time basis as we learn more,” he said.

Gupta stated that the breach impacted an internal account used for liquidity and not customer wallets. The exchange is working with partners to recover the stolen assets and plans to start a bug bounty program. However, critics pointed out that this information was only revealed after ZachXBT’s public announcement.