CoinDCX Fights Back: $11M Bounty Hunt After Lazarus Group’s $44M Crypto Heist
When hackers strike, crypto exchanges don't call the cops—they call in the bounty hunters. CoinDCX just put a $11 million price tag on Lazarus Group's head after a brazen $44 million digital asset grab.
The heist: North Korea's favorite cyber-bandits strike again
Lazarus Group—Pyongyang's pet hackers—proved they're still crypto's public enemy #1. The same crew behind the $600 million Ronin Network hack just raided another exchange's vaults. Old habits die hard when you're funding nuclear programs with stolen stablecoins.
The counterplay: Crowdsourced justice with an 8-figure carrot
CoinDCX's bounty offer turns every white hat hacker into a potential mercenary. $11 million buys a lot of forensic firepower—and sends a clear message to attackers: Steal from us, and the entire internet becomes your adversary.
The irony: Crypto's wild west grows up (sort of)
Nothing says 'mature financial ecosystem' like putting out a hit on state-sponsored hackers. Banks hire lawyers; crypto firms hire hacker posses. At least they're not paying the ransom this time—progress comes in strange forms.
North Korea links
Lavid further noted that the centralized exchange exploit and precise understanding of liquidity provisioning strongly indicate the involvement of an experienced and highly coordinated threat actor.
On July 19, the Indian-based crypto trading platform reported that it was exploited after attackers gained unauthorized access to internal accounts used for liquidity provisions with another platform.
Lavid elaborated on the method of attack, suggesting that the hackers likely gained backend access through exposed API keys, system misconfigurations, or overly permissive credentials. Once inside, they used legitimate account permissions to move assets from Solana to ethereum before laundering the funds through Tornado Cash.
He added:
“Although the compromised account was segregated from user wallets, its operational privileges were sufficient to execute large-scale fund movements without triggering immediate alarms.”
Meanwhile, the sophistication of the attack bears the hallmark of the North Korea-linked group, which continues to dominate the scene for its incessant attacks on the emerging industry.
Notably, the group stole more than $1.6 billion during the first half of the year and was responsible for the Bybit hack.
Bounty offer
In response to the attack, CoinDCX launched a bounty program on July 21, offering up to 25% of any recovered funds as a reward. Depending on the success of recovery efforts, the reward could amount to as much as $11 million.
CoinDCX CEO Sumit Gupta said the initiative aims to incentivize white-hat hackers, researchers, and blockchain firms to assist in tracking and retrieving the stolen assets. He stated:
“More than recovering the stolen funds, what is important for us is to identify and catch the attackers, because such things shouldn’t happen again, not with us, not with anyone in the industry.”
Meanwhile, Gupta also emphasized that the company was covering the loss through its corporate treasury and reiterated that user funds were unaffected.
