CoinDCX Lost 44.2 Million USD Due to Suspected Hack, Attacker Traced Only From 1 ETH

The Indian cryptocurrency exchange CoinDCX is said to have been hacked, causing damage of approximately $44.2 million, according to blockchain expert ZachXBT and security firm Cyvers. The CEO of the exchange has confirmed that an internal wallet was compromised. However, he asserts that customer funds remain safe. The CoinDCX Hack Originated from Funding Sources of Tornado Cash Today, ZachXBT reported this incident and stated that an attacker address received 1 ETH through Tornado Cash, then transferred money from Solana to Ethereum. The asset flow indicates a coordinated cross-chain money laundering strategy. Meanwhile, on-chain data confirms the transfer of funds across multiple addresses and protocols. The compromised wallet is not included in the published proof of reserve report of CoinDCX, thus it needs to be manually recorded.

Cyvers discussed this hack in an exclusive commentary with BeInCrypto. The attack is part of a recent wave of transaction breaches — including Bybit, WazirX, and others — that is a stark reminder that centralized platforms remain a top target for sophisticated access control attacks. In Q2 2024 alone, more than 65% of Web3 losses stemmed from CEX-related incidents, with nearly $500 million lost due to wallet access breaches. These aren't isolated incidents – they're systemic weaknesses. We urge exchanges to reconsider their security systems and go beyond passive defenses. Real-time wallet monitoring and prevention solutions like Cyvers' Threat Interceptor are no longer optional – they're essential to ensure your platform doesn't become the next focus." Meir Dolev, Chief Technology Officer of Cyvers, said. CoinDCX Confirms Violation, Assures Users' Funds Are Still Safe The co-founder and CEO of CoinDCX, Sumit Gupta, confirmed the incident a few hours after ZachXBT's post. He clarified that the incident involved an internal wallet used to store liquidity on a partner exchange, rather than a user wallet. According to the statement, the platform is investigating the server intrusion that led to the incident. Since then, the platform has frozen the affected internal systems and is working with security experts to prevent the incident. The initial violation was detected by Cyvers Alerts, a blockchain threat intelligence company, reporting suspicious withdrawal transactions from CoinDCX's hot wallet. The funds were quickly transferred through multiple different wallets, making tracing difficult.