CoinDCX Suffers Major Cyberattack, $44 Million Stolen– All You Need To Know | Markets News
New Delhi: India-based crypto exchange CoinDCX suffered a major cyberattack on July 20 with hackers stealing nearly 44 million dollars (around Rs 380 crore) from its internal accounts. The breach which occurred over 17 hours ago. It was first flagged within the community by ethical hacker ZachZBT.
CoinDCX’s co-founder later confirmed the incident in a post on X (formerly Twitter). As a precaution, the company has temporarily paused its Web3 operations but assured users that customer funds on CoinDCX Web3 remain safe.
CoinDCX co-founder Neeraj Khandelwal confirmed that the hackers stole around 44 million dollars from the company’s treasury funds, not from user accounts. He assured users that CoinDCX itself will cover the loss, and their top priority has been to secure all remaining assets and ensure user safety.
The total amount lost was ~$44Mn out of our treasury assets. Coindcx Treasury will be bearing these losses. Our first and foremost objective throughout the day has been to first secure assets. https://t.co/Gohc727ONR
— Neeraj Khandelwal (@neerajKh_) July 19, 2025
How did the breach happen?
CoinDCX co-founder and CEO Sumit Gupta revealed that hackers targeted one of the company’s internal accounts used for managing funds on a partner platform. The breach was described as “sophisticated” and involved vulnerabilities in their server system. As soon as the issue was detected, the team quickly isolated the compromised account to contain the damage. Cybersecurity experts are now investigating the breach and working to fix the security gaps, and tracing the stolen funds.//
CoinDCX CEO Sumit Gupta assured users that the situation was brought under control swiftly by isolating the affected operational account. He explained that since customer wallets are kept separate from internal accounts, the breach was limited to just one account. “The incident was quickly contained by isolating the affected operational account. Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us – from our own treasury reserves. Our internal security and operations teams have been working through the day along with leading cybersecurity partners to investigate the matter, patch any vulnerabilities and trace the movement of funds,” Gupta said.//
Hi everyone,
At @CoinDCX, we have always believed in being transparent with our community, hence I am sharing this with you directly.
Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a… pic.twitter.com/L1kZhjKAxQ
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025
India Sees Another Major Crypto Breach Within a Year
CoinDCX has become the second major Indian crypto exchange to suffer a cyberattack in the past year. Back in July 2024, rival platform WazirX lost a staggering 234 million dollars in crypto assets after one of its wallets hosted on Liminal was hacked.
The breach forced WazirX to halt trading and withdrawals, triggering panic among its 4.4 million users. The company filed an FIR and even launched a white hat bounty program, offering up to 23 million dollars to recover the stolen funds. However, a year later, only 3 million dollars has been recovered. International investigations later traced the hack to North Korean state-sponsored cybercriminals.
