CoinDCX, India’s leading cryptocurrency exchange, confirmed that hackers had breached one of its internal wallets in a recent cyberattack. The breach involved an operational account used for managing liquidity on a partner platform. The exchange assured its users that the incident did not affect any customer funds.
Independent blockchain analysts, including ZachXBT and Cyvers Alerts, first spotted unusual fund movements nearly a day before CoinDCX disclosed the issue.
In an official statement, Sumit Gupta, the CEO of CoinDCX, explained that the attackers gained access through a sophisticated breach of their servers. He clarified that the wallet used for liquidity purposes was compromised, but it did not contain any customer accounts.
Gupta further stated that all user assets remain secure in cold storage, which is a method of keeping crypto funds offline to protect against hacks. Trading services and withdrawals in Indian Rupees are fully functional, with no interruptions.
CoinDCX will use its own treasury to cover the losses, so users face no financial impact. The exchange has hired top cybersecurity experts to investigate the breach, improve security, and trace the stolen funds.
In addition, CoinDCX is collaborating with its partner exchange to freeze and retrieve the stolen assets. The company also announced plans to launch a bug bounty program, encouraging ethical hackers and developers to report any vulnerabilities in exchange for rewards.
This incident is a reminder of the ongoing security challenges in the cryptocurrency space. Just last year, another Indian exchange, WazirX, experienced a massive hack amounting to over $200 million. Investigators later linked that attack to the Lazarus Group, a notorious hacking outfit from North Korea.
As CoinDCX moves to recover from the breach, the company says it remains committed to user safety and improving its defenses against cyber threats.
