CoinDCX lost $44.2M in a hack involving an internal wallet. Critics raise concerns over delayed disclosure and lack of transparency
Author: Chirag Sharma
July 19, 2025 : CoinDCX, one of India’s top crypto exchanges, confirmed a major hack involving $44.2 million. The incident targeted an internal operational wallet and was initially brought to light by on-chain investigator ZachXBT. According to his analysis, the exploit began with just 1 ETH routed through Tornado Cash, a privacy tool, before stolen assets were bridged from Solana to Ethereum.
CoinDCX CEO Sumit Gupta confirmed the hack hours after ZachXBT’s findings went public. He assured users that no customer funds were affected, as the compromised wallet was used solely for liquidity provisioning and was segregated from user wallets.
ZachXBT and blockchain security firm Cyvers Alerts flagged the breach. The wallet involved had not been included in CoinDCX’s proof-of-reserve reports, making it difficult to identify without extensive blockchain analysis. Gupta attributed the breach to a sophisticated server compromise and clarified that the stolen funds will be covered by CoinDCX’s treasury reserves.
However, the community reacted strongly to the 17-hour delay in public disclosure. Critics raised questions about transparency, especially since the wallet was not publicly tagged. noted that shortly after the hack was acknowledged, users were encouraged to praise Gupta’s response, further intensifying skepticism online.
Trading and INR withdrawals remain fully functional, and CoinDCX has frozen affected systems to prevent further loss. The exchange is collaborating with cybersecurity firms and a partner platform to trace and recover funds. Gupta also announced the launch of a bug bounty program to proactively address vulnerabilities going forward.
This breach comes nearly a year after WazirX suffered a $235 million exploit, highlighting the ongoing vulnerability of India’s crypto infrastructure. As India’s crypto adoption grows, so does its appeal to cyber attackers. Analysts warn that exchanges must bolster internal security and respond swiftly to maintain user trust.
CoinDCX now faces the dual challenge of recovering assets and rebuilding credibility in a market where transparency is non-negotiable.
Our Crypto Talk is committed to unbiased, transparent, and true reporting to the best of our knowledge. This news article aims to provide accurate information in a timely manner. However, we advise the readers to verify facts independently and consult a professional before making any decisions based on the content since our sources could be wrong too. Check our Terms and conditions for more info.
Scallop Exploit Drains 150K SUI From Deprecated Rewards Contract
Purrlend DeFi Protocol Loses $1.5M in Multisig Exploit
Volo Protocol Hit by $3.5M Exploit on Sui
Grandson Of John J.Gotti Gets 15 Months For $1.2M Crypto Fraud
Scallop Exploit Drains 150K SUI From Deprecated Rewards Contract
Purrlend DeFi Protocol Loses $1.5M in Multisig Exploit
Volo Protocol Hit by $3.5M Exploit on Sui
Grandson Of John J.Gotti Gets 15 Months For $1.2M Crypto Fraud
