CoinDCX, a number one Indian cryptocurrency change, confirmed on Saturday, July 19, {that a} safety breach has resulted within the lack of $44.2 million (Rs 380 crore approx.)
The Mumbai-based agency has disclosed that hackers compromised and drained all of the funds from one in every of its inner operational accounts that’s used for liquidity provisioning, which helps minimise slippage and guarantee smoother buying and selling. Moral hacker ZachXBT was the primary to flag the breach, and stated that he uncovered the incident 17 hours after it occurred.
CoinDCX has emphasised that the wallets used to retailer buyer property weren’t impacted by the hack. INR withdrawals and different buying and selling exercise stay operational. The centralised crypto change initially paused its Web3 mode function as a precautionary measure. A number of hours later, it restored the in-app function that offers customers entry to over 50,000 DeFi (decentralised finance) tokens.
“The incident was rapidly contained by isolating the affected operational account. Since our operational accounts are segregated from buyer wallets, the publicity is barely restricted to this particular account and is being totally absorbed by us – from our personal treasury reserves,” Sumit Gupta, co-founder and CEO, CoinDCX stated on X.
Hello everybody,
At @CoinDCX, we’ve got all the time believed in being clear with our group, therefore I’m sharing this with you immediately.
Right this moment, one in every of our inner operational accounts – used just for liquidity provisioning on a associate change – was compromised as a consequence of a… pic.twitter.com/L1kZhjKAxQ
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025
https://platform.twitter.com/widgets.js
“Our inner safety and operations groups have been working by way of the day together with main cybersecurity companions to research the matter, patch any vulnerabilities and hint the motion of funds,” he added.
CoinDCX additionally assured that its reserves are adequate to completely cowl the losses from the hack. “This received’t trigger any loss to any of our clients and CoinDCX will probably be bearing the total quantity from our treasury reserves, which is sufficiently wholesome to cowl up for this quantity,” Gupta stated.
To all our clients, right here is our dedication 👇
This received’t trigger any loss to any of our clients and CoinDCX will probably be bearing the total quantity from our treasury reserves, which is sufficiently wholesome to cowl up for this quantity.
We’re nonetheless studying extra concerning the particulars as… https://t.co/Ouuplc4uci
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025
https://platform.twitter.com/widgets.js
Precisely one yr in the past to the day, hackers breached one other Indian crypto change, WazirX, and made away with over $230 million in crypto property.
Story continues beneath this advert
The crypto business’s vulnerability to such incidents stays a urgent concern because it may undermine investor confidence. It may additionally gasoline additional scepticism of cryptocurrency by regulators in international locations like India, the place the sector continues to be underneath analysis.
The CoinDCX hack provides to what’s already shaping as much as be the worst year-to-date on file for crypto thefts. Hackers have stolen greater than $2 billion in crypto throughout the first half of 2025, in response to new information from crypto evaluation agency Chainalysis.
“I perceive incidents like this may be unsettling – even when buyer property are unaffected. That’s why I’m sharing this incident with you with full transparency,” Gupta stated on X.
On what to do subsequent, he stated that CoinDCX will probably be collaborating with its change associate to dam and get well property. It’ll even be launching a bug bounty programme quickly.