CoinDCX Hit With $44M Hack—Internal Wallet Breached, User Funds Safe

CoinDCX was hacked for $44M after an internal liquidity account was compromised—disclosed only after ZachXBT exposed it.
Customer funds remain safe in cold wallets, and the exchange says it will cover the loss from its own reserves.
The hacker used Tornado Cash and bridged stolen assets from Solana to Ethereum, following a familiar laundering pattern.

So… CoinDCX just got hit. The Indian crypto exchange suffered a $44 million security breach on Friday after hackers somehow gained access to one of its internal accounts—specifically one used for liquidity ops with a third-party exchange (which, by the way, still hasn’t been named).

The whole thing wasn’t even public at first. It only came out after ZachXBT—the go-to guy for blockchain drama—posted about it on his Telegram channel. A day later, CoinDCX’s co-founder and CEO Sumit Gupta confirmed it happened, calling it a “sophisticated server breach.” Translation: this wasn’t a script kiddie hit. Someone knew what they were doing.

Hi everyone,

At @CoinDCX, we have always believed in being transparent with our community, hence I am sharing this with you directly.

Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a… pic.twitter.com/L1kZhjKAxQ
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025

No Customer Funds Touched, Says CEO

Now here’s the good news—if we can call it that. Gupta says customer wallets weren’t touched. The hit was isolated to an operational wallet, and those are apparently kept completely separate from user funds, which are stored in cold storage (read: offline, harder to mess with).

In his public statement, Gupta added, “We locked the affected wallet fast. Since it’s separate from client wallets, the damage is limited to that one internal account and we’ll be covering the loss from our own reserves.” Gotta say, at least they owned it quickly once it was out in the open.

Tornado Cash + Bridge = Classic Hack Playbook

ZachXBT tracked the wallet’s flow post-breach and found it was funded using Tornado Cash—the crypto mixer that’s basically become the go-to tool for hiding illicit funds. Then, part of the loot was bridged from Solana to Ethereum. Nothing too surprising there, but yeah—it checks all the usual boxes in a modern crypto hack.

What’s extra eerie is the date. This attack hit exactly one year after WazirX (another Indian exchange) got drained for $235 million. Coincidence? Maybe. But still… kinda weird.

CoinDCX says it’s teamed up with cybersecurity partners and is coordinating with exchange partners to freeze and, hopefully, recover whatever they can. No word yet on how much might actually be clawed back.

Takeaway

Yeah, $44 million is a punch in the gut. But it could’ve been a lot worse. Customer funds are safe (for now), and the platform’s moving quick to fix it. Still, it’s a reminder: no matter how big or established a platform is, the security game in crypto is never really over.

Disclaimer: BlockNews provides independent reporting on crypto, blockchain, and digital finance. All content is for informational purposes only and does not constitute financial advice. Readers should do their own research before making investment decisions. Some articles may use AI tools to assist in drafting, but every piece is reviewed and edited by our editorial team of experienced crypto writers and analysts before publication.