CoinDCX, one of India’s most prominent cryptocurrency exchanges, disclosed a security breach that resulted in the loss of nearly $44 million (approx. ₹368 crore) in digital assets. The exploit occurred over the weekend of July 19–20, 2025, and targeted hot wallets used by the exchange for liquidity provisioning on third-party venues.
In a public statement, CoinDCX assured customers that the attack was contained to a non-custodial internal account and that user funds held in cold wallets or primary customer accounts were not affected. The company also emphasized that it would fully compensate the loss using its internal treasury reserves. Trading, deposits, and INR withdrawals remain fully functional, while Web3 services that were temporarily paused have since resumed.
The breach marks one of the largest in India’s crypto sector since the $235 million WazirX hack in 2024 and has reignited security concerns across the digital asset landscape.
Attackers Employed Multi-Chain Laundering Tactics
Blockchain forensics experts have traced the movement of the stolen funds to a complex laundering operation that spanned multiple chains. According to initial analyses, the attackers exfiltrated approximately 4,443 ETH and 155,830 SOL. These assets were quickly bridged from Solana to Ethereum and passed through Tornado Cash, a decentralized privacy mixer.
This cross-chain laundering strategy highlights both the technical sophistication of the perpetrators and the challenges in tracking stolen assets once they move across networks. The assets were subsequently consolidated into new wallets, making real-time tracking difficult.
CoinDCX has launched a full-scale investigation in collaboration with CERT-In (India’s Computer Emergency Response Team), law enforcement agencies, and leading cybersecurity firms. The exchange also announced intentions to introduce a bug bounty program in the coming weeks to strengthen its infrastructure and encourage white-hat disclosures.
Industry Reaction and Regulatory Implications
The incident has sent ripples through India’s cryptocurrency community, with industry leaders and analysts calling for better operational security and transparency. While CoinDCX’s swift acknowledgment and assurance of coverage have helped mitigate immediate panic, the breach serves as a reminder of the vulnerabilities inherent in hot wallet systems and cross-chain operations.
Experts suggest that platforms should enforce stricter hot wallet limits, enhance multi-sig controls, and adopt real-time anomaly detection systems. Furthermore, the hack is likely to prompt a stronger push for regulatory clarity and mandatory audit frameworks in India’s digital asset sector.
CoinDCX’s handling of the situation has drawn both praise and criticism. On one hand, its proactive communication and financial transparency are seen as positive steps. On the other, questions remain about the underlying controls that allowed such an exploit to occur in the first place.
As India continues to solidify its role in the global crypto ecosystem, this breach underscores the urgent need for infrastructure resilience, regulatory oversight, and industry-wide coordination to address emerging threats.
For now, CoinDCX users can breathe a sigh of relief—their funds are safe. But for the broader industry, the message is clear: the cost of complacency is rising.
