India’s largest cryptocurrency exchange, CoinDCX, has revealed that one of its internal operational accounts was compromised in a recent hack, resulting in the theft of millions in cryptocurrency.
Incident Involved Liquidity Provisioning Account, No Customer Funds Affected
On Saturday, CoinDCX co-founder and CEO Sumit Gupta posted on X that the compromised account was exclusively used for liquidity provisioning on a partner exchange. He assured users that customer wallets and assets remain secure, with no direct impact on their holdings.
Crypto security researcher ZachXBT reported that approximately $44.2 million was stolen during the breach. According to the researcher, the attacker’s wallet was initially funded with 1 ETH via Tornado Cash and later moved a portion of the stolen funds across the Solana-Ethereum bridge.
CoinDCX confirmed that the stolen assets are currently dormant and consist of 4,443 Ethereum and 155,830 Solana tokens. The exchange is cooperating with India’s Computer Emergency Response Team (CERT-In) and partner exchanges to investigate and track the stolen funds.
Gupta stated that the compromised account was swiftly isolated, limiting the exposure to just this operational wallet. The losses will be absorbed from the exchange’s treasury reserves, ensuring that customer assets remain unaffected.
Reward Offered for Recovering Stolen Funds
CoinDCX launched a recovery bounty program on Monday, offering up to 25% of recovered funds to anyone who assists in tracing and retrieving the stolen cryptocurrency. Gupta emphasized that the priority is not only recovering the funds but also identifying and apprehending those responsible.
This incident marks another major security breach in the Indian crypto sector, occurring nearly a year after WazirX, another prominent Indian exchange, suffered a $230 million hack that led to a trading halt. It remains unknown whether the two breaches are linked.
Author’s Opinion
The CoinDCX hack highlights the ongoing vulnerabilities even in major crypto exchanges. While customer funds were spared this time, the reliance on operational accounts as attack vectors shows a critical need for tighter internal controls and proactive security audits. The bounty initiative is a positive step, but exchanges must prioritize building resilient infrastructure before breaches occur.