CoinDCX Launches $11M Recovery Bounty Program After $15.8M Hack – Here’s What Happened
- How Did the CoinDCX Hack Unfold?
- Tracking the Stolen Funds
- Exchange's Response and Security Overhaul
- Industry Reactions and Recovery Efforts
- FAQ: CoinDCX Hack and Recovery Bounty
Indian crypto exchange CoinDCX has announced an $11M recovery bounty program following a $15.8M exploit traced to Tornado Cash-funded hackers. While user funds remain safe, the incident has raised questions about exchange transparency and security practices. Blockchain sleuths like ZachXBT are tracking the stolen assets across multiple chains as CoinDCX partners with security firms to investigate.
How Did the CoinDCX Hack Unfold?
On Monday, CoinDCX co-founders Sumit Gupta and Neeraj Khandelwal revealed that hackers drained approximately $15.8M from the exchange's internal operational wallets. The breach was first detected by blockchain security firm Cyvers Alerts, which showed funds being siphoned from liquidity provider wallets used for partner exchanges.
According to Etherscan data, the attacker initiated the exploit by sending 1 ETH through Tornado Cash – the controversial crypto mixer previously sanctioned by the U.S. Treasury. Within hours, the stolen funds were bridged across multiple chains, with the hacker's Ethereum wallet (0xef0c5b9e0e9643937d75C229648158584a8cd8d2) receiving over 12,144 ETH ($46.3M at current prices).
Tracking the Stolen Funds
Blockchain analyst ZachXBT traced the money trail, showing:
- 674.63 ETH transferred 6 hours before disclosure
- 7,017 ETH moved in separate transactions
- 4,443 ETH transferred two days prior (likely initial exploit)
The funds were distributed across three key addresses:
| Blockchain | Address | Amount |
|---|---|---|
| Solana | 6peRRbTz28xofaJPJzEkxnpcpR5xhYsQcmJHQFdP22n | Undisclosed |
| Bitcoin | 3btch8cSVp3Uh2SiY9DeiRNYUBmFiBNHZQzDyecJs7Gu | Undisclosed |
| Ethereum | 0xef0c5b9e0e9643937d75c229648158584a8cd8d2 | 12,144.63 ETH |
Exchange's Response and Security Overhaul
CoinDCX emphasized that only corporate funds were affected, with Gupta stating: "These came from our own reserves, which we've already accounted for in our corporate treasury." The exchange has partnered with security firms Sygnia, Zeroshadow, and Seal911 to:
- Redesign parts of its system architecture
- Implement enhanced wallet security protocols
- Establish the $11M bounty program with Wormhole and DeBridge
Notably, the exchange faced criticism for a 17-hour silence after the exploit – a window where ZachXBT observed active fund movement across chains. Marketing lead Suchit Karande later thanked the community for "transparency" on Discord, though some users questioned the delayed disclosure.
Industry Reactions and Recovery Efforts
The Solana Foundation and SuperTeam have joined the recovery initiative, while crypto Twitter debates whether the incident highlights broader exchange security issues. As one trader commented: "When an exchange gets hacked but says 'user funds are safe,' it's like a restaurant saying 'don't worry' after the kitchen catches fire."
CoinDCX maintains that its wallet systems were never compromised, but the incident serves as a reminder that even operational wallets need ironclad protection. With the bounty program active, all eyes are on whether the hacker(s) will return the funds for a reward.
FAQ: CoinDCX Hack and Recovery Bounty
How much was stolen in the CoinDCX hack?
Approximately $15.8 million worth of cryptocurrency was stolen from the exchange's operational wallets.
Were user funds affected?
No – CoinDCX confirmed only corporate funds were impacted, with customer assets remaining secure.
What's the $11M bounty program?
A reward initiative offering up to $11 million for information leading to recovery of funds or identification of the hackers.
Which blockchains were involved?
The stolen funds moved across the Ethereum, Solana, and Bitcoin networks, according to blockchain analysts.
Has CoinDCX improved security since the hack?
Yes, the exchange is redesigning parts of its infrastructure and working with top cybersecurity firms to prevent future incidents.