Breaking: CoinDCX Loses $44M in Major Server Security Hack—Exchange Under Fire
Crypto exchange CoinDCX just got a $44 million lesson in server security—paid for by its users.
How it happened: Attackers bypassed multiple layers of protection in a surgical strike on the platform’s infrastructure. No wallet keys compromised, just old-fashioned system infiltration.
The aftermath: Trading continues (because what’s $44M between friends?), but the incident exposes the industry’s persistent weak spot—centralized points of failure. Meanwhile, traditional finance sharks circle with ‘I-told-you-so’ memes ready to deploy.
Silver lining? Another stress test for crypto’s resilience—and a reminder that in decentralized systems, the only thing harder than hacking the code is hacking the community.
TLDR
- Indian crypto exchange CoinDCX was hacked for $44 million on Friday through a sophisticated server breach targeting their liquidity operations account
- Customer funds remain safe as they are stored separately in cold wallets, with CoinDCX absorbing the loss from treasury reserves
- The attack was traced to hackers using Tornado Cash mixing service to fund their operations and bridging stolen funds between Solana and Ethereum
- The hack occurred exactly one year after another Indian exchange WazirX lost $235 million in a similar attack
- CoinDCX is working with cybersecurity partners and exchange partners to investigate and recover the stolen assets
Indian cryptocurrency exchange CoinDCX suffered a $44 million hack on Friday after cybercriminals compromised an internal account used for liquidity operations. The attack targeted a specific operational wallet rather than customer funds.
Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago.
Here's what we know:
– The hacker stole around $44.2M in USDC/USDT from one of the exchange's operational wallets on Solana.
– The hacker funded the hack with 1 ETH from Tornado Cash.
– Part of the… pic.twitter.com/5PLliaZ6m4
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 19, 2025
The platform’s co-founder and CEO Sumit Gupta disclosed the exploit on Saturday. He described it as a “sophisticated server breach” that affected their liquidity provisions with an unnamed partner exchange.
The breach only became public knowledge after blockchain investigator ZachXBT revealed the attack on his Telegram channel. This disclosure prompted CoinDCX to release their official statement about the incident.
Customer assets remained untouched throughout the security breach. The exchange confirmed that all user funds are stored securely in cold wallets, which are kept offline and separate from operational accounts.
“The incident was quickly contained by isolating the affected operational account,” Gupta explained in his public statement. “Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account.”
CoinDCX has committed to absorbing the full $44 million loss from their own treasury reserves. This means customers will not face any financial impact from the security breach.
Attack Details and Investigation
ZachXBT’s investigation revealed that the attackers funded their wallet with cryptocurrency from Tornado Cash. This mixing service is commonly used to obscure the origins of digital assets in cybercriminal activities.
The hackers later moved portions of the stolen funds between different blockchain networks. They bridged some of the cryptocurrency from Solana to ethereum as part of their money laundering process.
The exchange is now working with cybersecurity partners to investigate the full scope of the breach. They are also collaborating with exchange partners to freeze and recover the stolen assets where possible.
Timing Raises Concerns
The timing of this attack carries particular weight in the Indian crypto market. The hack occurred exactly one year after WazirX, another major Indian cryptocurrency exchange, lost $235 million to hackers.
This anniversary timing highlights ongoing cybersecurity challenges facing crypto exchanges in India. Both attacks demonstrate that even established platforms remain vulnerable to sophisticated cybercriminal operations.
Recent Exchange Hacks
The CoinDCX incident is part of a broader pattern of exchange compromises in 2025. Iranian exchange Nobitex was hacked for $100 million in June by a pro-Israel hacker group called “Gonjeshke Darande.”
GMX V1 on the Arbitrum network suffered a $40 million exploit in July, though the hacker later returned the funds in exchange for a $5 million bounty. Decentralized finance platform Arcadia Finance lost $3.5 million to a smart contract exploit this week.
CoinDCX continues working with law enforcement and cybersecurity experts to trace the stolen funds and prevent future attacks.