Cryptocurrency exchange CoinDCX confirmed a $44.2 million security breach involving cross-chain transactions through Tornado Cash and Solana bridges. The attack leveraged both Ethereum and Solana networks to compromise a wallet designated for liquidity provisioning on a partner exchange.
CEO Sumit Gupta stated that user funds remained unaffected, clarifying that the compromised wallet did not contain customer assets but served exclusively for institutional liquidity operations. Security researchers ZachXBT and Cyvers disclosed evidence showing the attacker used Tornado Cash to obscure transaction trails and employed cross-chain bridges to complicate fund tracing.
The incident highlights persistent vulnerabilities in decentralized finance liquidity management systems and may catalyze increased regulatory scrutiny of privacy-enhancing tools like Tornado Cash. Industry observers anticipate potential impact on compliance frameworks governing anonymizing technologies.
CoinDCX emphasized transparency in its incident response, noting the breach triggered an ongoing internal investigation. The exchange is coordinating with blockchain analysts and regulatory bodies while reinforcing security protocols across operational infrastructure.