CoinDCX, a leading Indian crypto exchange, suffered a $44.2M hack on July 19, targeting an internal wallet. Customer funds remain safe, as the breach did not affect reserves.
Crypto exchanges combine three core components of trading: settlement, execution, and custody. In traditional finance, these functions are segregated, making exchanges like the NYSE and NASDAQ resilient to failures that could result in massive losses. However, in the crypto industry, the landscape is entirely different.
Tokens for which exchanges provide liquidity are decentralized, and exchanges are responsible for securely storing user assets to protect them from hackers. Over time, hackers have become increasingly sophisticated, executing some of the largest heists, resulting in billions of dollars in losses, impacting even some of the top Solana meme coins. This year, Bybit lost over $4 billion but quickly recovered without pausing operations.
DISCOVER: 20+ Next Crypto to Explode in 2025
CoinDCX Hacked for $44 Million
On July 19, CoinDCX, one of India’s largest crypto exchanges, lost over $44 million in USDC and USDC from an internal operational wallet.
Crucially, this wallet was separate from the exchange’s reserves, ensuring that user funds, often verified through proof-of-reserves, were unaffected.
The breach, first detected by ZachXBT and Cyvers Alerts on X, revealed unauthorized transfers from the exchange, raising concerns about the vulnerabilities of centralized exchanges. Analysts noted that the breach targeted an internal wallet used for liquidity provision on a partner exchange.
As mentioned, this wallet was separate from CoinDCX’s published proof-of-reserves. The attacker initiated the exploit using 1 ETH, sending funds to Tornado Cash, a crypto mixer.
Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago.
Here's what we know:
– The hacker stole around $44.2M in USDC/USDT from one of the exchange's operational wallets on Solana.
– The hacker funded the hack with 1 ETH from Tornado Cash.
– Part of the… pic.twitter.com/5PLliaZ6m4— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 19, 2025
Subsequently, the hacker executed multiple transactions to obscure the original transfer, converting stolen funds to 
ETH ▲2.03% and 
SOL ▲5.58% before bridging them across different blockchains. By dispersing funds across multiple intermediary wallets, the hacker aimed to complicate tracing efforts.
DISCOVER: Next 1000X Crypto: 10+ Crypto Tokens That Can Hit 1000x in 2025
Intervention: User Funds Unaffected
CoinDCX did not immediately detect the breach. According to ZachXBT, stolen funds were moved 17 hours before the exchange disclosed the hack. This delayed response has drawn sharp criticism from the community, with some questioning the exchange’s transparency and preparedness.
Why is a CoinDCX team member telling people to engage with this post and thank you for the “transparency”?
Your team waited 17 hours to disclose (not until after it was alerted publicly) pic.twitter.com/jElwOd9IHY
— ZachXBT (@zachxbt) July 19, 2025
In response, Sumit Gupta, the CEO, emphasized that no customer funds were lost, as funds remained segregated. The platform announced it would absorb the loss from its corporate treasury reserves, ensuring no financial impact on its user base.
Since yesterday the CoinDCX team has been working around the clock and we have published the First Incident Report on the July 19th server breach. The report covers all the key points:
-Customer funds are 100% safe. All user assets are stored in segregated cold wallets.
-The… https://t.co/Ouuplc521Q— Sumit Gupta (CoinDCX) (@smtgpt) July 20, 2025
Furthermore, CoinDCX temporarily suspended crypto services, including fiat withdrawals, though some core trading operations remained unaffected.
The exchange is collaborating with partner exchanges and external cybersecurity firms to investigate the incident and recover stolen assets. The attacker’s wallet addresses have been made public, and on-chain sleuths have been asked to assist in tracking the stolen funds.
To enhance its security, CoinDCX launched a recovery bug bounty program. Those who participate and help the exchange recover funds will receive up to 25% of what they recovered.
Announcing the @CoinDCX Recovery Bounty Program: Up to 25% of any recovered funds will be awarded to individuals or teams who can help trace and retrieve the stolen crypto.
Just to give more context:
-> We want to be upfront. The exposure was from our own reserves, and we have… https://t.co/GHHlxf3PxB— Sumit Gupta (CoinDCX) (@smtgpt) July 21, 2025
Last year, WazirX, another Indian exchange, was hacked, losing $235 million due to an exploit in its multisig wallet. The stolen amount was nearly 50% of its total reserves, and included losses of some of the best cryptos to buy.
Similar to the CoinDCX hack, the attacker, linked to the Lazarus Group, used Tornado Cash to obfuscate transfers.
DISCOVER: Next 1000x Crypto – 12 Coins That Could 1000x in 2025
CoinDCX $44.2M Crypto Hack: Customer Funds Safe
- CoinDCX hacked for $44 million
- Customer funds not affected
- Tornado Cash crypto mixer used
- CoinDCX to absorb loss and recoup stolen funds from its treasury
The post CoinDCX Suffers $44.2M Security Breach; Customer Funds Confirmed Safe appeared first on 99Bitcoins.
