Crypto trade CoinDCX was hit by a critical cyberattack earlier at this time, July 20. Hackers stole round $44 million (about Rs 380 crore) from one of many firm’s inside accounts. The corporate’s co-founder introduced this in a publish on X (previously Twitter).
“The whole quantity misplaced was ~$44Mn out of our treasury property. CoinDCX Treasury might be bearing these losses. Our at the start goal all through the day has been to first safe property,” Neeraj Khandelwal, co-founder, CoinDCX, mentioned on X.
The whole quantity misplaced was ~$44Mn out of our treasury property. Coindcx Treasury might be bearing these losses. Our at the start goal all through the day has been to first safe property. https://t.co/Gohc727ONR
— Neeraj Khandelwal (@neerajKh_) July 19, 2025
What occurred?
Co-founder and CEO Sumit Gupta defined that an inside operational account used for managing liquidity on a accomplice platform was compromised due to a “subtle” breach in their server system.
Gupta mentioned the group acted quick by isolating the affected account to cease the assault from spreading. Cybersecurity experts have been introduced in to examine, repair weak factors, and monitor the place the stolen cash went.
Plans to recuperate misplaced funds
To recuperate the stolen property, Gupta mentioned CoinDCX will quickly launch a bug bounty program.
“We’re collaborating with the trade accomplice to block and recuperate property, together with popping out with a bug bounty program quickly,” he added.
Gupta additional mentioned, “Each safety incident is a studying, and we are going to be taught from this and additional strengthen our platform. Extra importantly, that is our time to win this battle in opposition to cyberthreats in the business, and we commit to working along with consultants to safe our business,” he added.
No buyer funds affected
Gupta assured customers that no buyer wallets had been impacted. The hack solely affected one inside account, and all common buying and selling and INR withdrawals are working as regular.
Khandelwal added that buying and selling in the Web3 part has been paused as a security measure.
“CoinDCX group is all palms working to firefight the scenario as we communicate and we are going to get to the depths of the incident. All the client property are protected and the buying and selling exercise plus the INR withdrawals proceed unhindered…,” mentioned Khandelwal.
Second major crypto assault in India in a 12 months
CoinDCX is now the second Indian crypto exchange hit by hackers in one 12 months. In July 2024, WazirX misplaced $234 million price of cryptocurrencies when considered one of its wallets hosted on Liminal was hacked.
That assault led WazirX to droop buying and selling and withdrawals, which brought about panic amongst its 4.4 million Indian customers. The corporate filed an FIR and launched a white hat bounty program to recuperate funds, providing up to $23 million as a reward.
Even after a 12 months, WazirX has solely managed to recuperate $3 million. Investigations by worldwide governments later linked the assault to North Korean state-backed hackers.
