Indian cryptocurrency exchange CoinDCX suffered a $44.2 million hack on July 19, 2025, confirmed by blockchain investigator ZachXBT and security firm Cyvers. CEO Sumit Gupta stated the breach compromised an internal operational wallet used exclusively for liquidity provisioning on a partner exchange, emphasizing that user-facing wallets and customer funds remained secure.
The attack originated with 1 ETH transferred via Tornado Cash, followed by cross-chain fund bridging between Solana and Ethereum, indicating a coordinated laundering strategy. On-chain analysis revealed complex fund movements across multiple addresses. Notably, the compromised wallet wasn't included in CoinDCX's published proof-of-reserve reports.
Gupta announced via Twitter: "Hi everyone, at CoinDCX... one of our internal operational accounts was compromised due to a..." The exchange immediately froze affected systems and engaged cybersecurity experts to investigate the server breach. Cyvers first detected suspicious withdrawals from CoinDCX's hot wallet, though rapid fund dispersion complicated tracing.
Trading pairs were temporarily suspended and orders canceled post-breach. Gupta assured losses would be covered from treasury reserves, preventing customer impact. This incident mirrors last year's WazirX hack on the same date, prompting CoinDCX to announce enhanced security measures including a bug bounty program.