Indian cryptocurrency exchange CoinDCX has disclosed a server breach resulting in a $44 million loss, while confirming that all user funds remain safeguarded. The incident highlights persistent cybersecurity vulnerabilities within exchange ecosystems despite institutional protections.
The attack exploited CoinDCX’s liquidity provisioning systems rather than direct user wallets, differing from conventional exchange hacks. Blockchain forensic analyst ZachXBT traced the stolen funds moving from Solana to Ethereum, with subsequent laundering through the privacy protocol Tornado Cash.
This breach occurs during heightened security concerns in India’s crypto market, following a separate $235 million breach at rival exchange WazirX earlier in the year. Globally, crypto security firm CertiK reports cumulative losses from hacks and exploits exceeding $2.5 billion during the first half of the year.
CoinDCX has initiated security protocol reviews while emphasizing that core user assets weren’t compromised. The case underscores the critical need for exchanges to strengthen beyond-custody defenses as attackers evolve their tactics.