Indian Exchange CoinDCX Hacked for $44 Million, No Disclosure Yet

• CoinDCX hit by $44 million hack, flagged first by Cyvers.

• Hacker used Tornado Cash, bridged stolen stablecoins Solana to Ethereum.

• CoinDCX absorbs full loss, unlike WazirX’s partial criticized compensation plan.

CoinDCX, one of India’s largest crypto exchanges, has suffered a major security breach. The loss is estimated at around $44.2 million. Blockchain investigator ZachXBT reported the hack. The breach was not announced by the exchange immediately. Instead, the suspicious activity was first flagged by Cyvers, a cybersecurity firm that tracks blockchain transactions.

Hacker Launders CoinDCX Funds Using Tornado Cash and Blockchain Bridge

The hacker utilized Tornado Cash to cover the tracks. They initially financed their address using Tornado Cash and then passed the stolen stablecoins on the Solana blockchain to Ethereum. These strategies complicate the process of tracking stolen money.

Sumit Gupta, the CEO of CoinDCX, reported the incident on social media. He indicated that it was a hack caused by a sophisticated server breach. Gupta said that one of its internal operational accounts was breached. He, however, emphasized that the wallets holding customer assets were not affected in any way. Further, he stated that customer funds are secure.

To allay any fears, Gupta added that trading and withdrawals continued as usual and added that the company teams, together with external experts,s had been working around the clock to investigate the incident, seal security holes and trace the path of the lost money.

Besides, CoinDCX collaborates with other exchanges. They want to intercept the stolen money in case the hacker attempts to transfer it once more. Gupta has also announced that the company will soon introduce a bug bounty program. This implies that CoinDCX will compensate ethical hackers who assist in identifying the vulnerabilities of its systems.

In spite of this, there were complaints by some users of CoinDCX that they were not able to access their portfolios. This occurred immediately after the breach had been confirmed. The co-founder Neeraj Khandelwal, attributed it to a sudden surge in server traffic. He assured that the team had increased server capacity to support additional users and avoid additional disruption.

CoinDCX Vows to Cover Loss, Unlike WazirX’s Criticized Compensation

Blockchain data shows that the hacker stole stablecoins such as USDC and USDT. The stolen money was transferred promptly from Solana to Ethereum to make it more difficult to track. Some regulators have prohibited the mixing service, Tornado Cash, which was utilized by the attacker, since the latter is frequently utilized by criminals to conceal illicit funds.

An Indian crypto exchange is not the first one to experience a huge loss. Last year, within a few days of each other, another big Indian exchange, WazirX, lost approximately $230 million following a cyberattack. In contrast to CoinDCX, WazirX has suspended the process of withdrawals and deposits at the moment. It has since then been compensated with partial compensation, but this scheme was widely criticized by the users.

This time, CoinDCX claims that it will absorb the loss on its own. It will not transfer any of the damage to its users. Established in 2018, CoinDCX has become an expedient. The exchange currently boasts more than 16 million users. In May 2025 alone, it was processing almost half a billion dollars of spot trades, predominantly Bitcoin and Ethereum.

To reassure users, Gupta confirmed that trading and withdrawals are proceeding smoothly. He further said that the security teams have been working around the clock in the company. They do not do it in isolation. They are receiving assistance of the leading cybersecurity specialists. Collectively, they are investigating what went wrong. They are already addressing the vulnerabilities in their system.