New Delhi: On Saturday, July 19, Indian crypto exchange CoinDCX quietly suffered one of the biggest security breaches of the year. An internal operational account was compromised, resulting in a massive loss of nearly Rs 378 crore, or around 44.2 million US dollars. The incident went public after a now-viral post by blockchain sleuth ZachXBT revealed the attack, forcing the exchange to confirm it nearly 17 hours later.
Despite the large-scale hack, CoinDCX says customer funds remain untouched. The platform has promised to cover the entire financial hit using its own treasury, offering some relief to lakhs of Indian crypto investors.
Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago.
Here’s what we know:
– The hacker stole around $44.2M in USDC/USDT from one of the exchange’s operational wallets on Solana.
– The hacker funded the hack with 1 ETH from Tornado Cash.
– Part of the… pic.twitter.com/5PLliaZ6m4— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 19, 2025
Rs 378 crore gone in a single strike
In its official FIR and later updates, CoinDCX explained that the breach happened at around 4 am IST on July 19. The compromised account was part of its internal liquidity provisioning system, not directly connected to user wallets. This account was hosted on a partner exchange.
The company said a sophisticated server-side attack allowed the hacker to access the account. The stolen funds were first routed in batches of 1,000 to 4,000 SOL using the Solana-Ethereum bridge called Wormhole, and then swapped using Jupiter as the aggregator.
Here’s where the funds ended up:
| Platform | Token Type | Amount | Value (Approx.) |
|---|---|---|---|
| Ethereum Wallet | ETH | 4,443 ETH | $15.7 million |
| Solana Wallet | SOL | 155,830 SOL | $27.6 million |
These wallets have since gone dormant, raising speculation that the hacker is waiting for the heat to die down.
CoinDCX responds, users panic
Shortly after the incident was confirmed, users rushed to withdraw their funds. The CoinDCX app saw delays in balance updates and transaction history as portfolio APIs briefly went offline. Although trading continued, many users were left in the dark for hours.
Co-founder Sumit Gupta posted that the wallets holding user assets were not impacted. Neeraj Khandelwal added that the total Rs 378 crore loss was being absorbed entirely by CoinDCX’s treasury.
“CoinDCX wallets used to store customer assets are not impacted and are completely safe,” Gupta stated on X. “This won’t cause any loss to our customers.”
🚨 Open House ANNOUNCEMENT 🚨@neerajKh_, @mri_gup, & I have been sharing regular updates with the community for the last 24 hours via videos, blogs, and tweets.
Tomorrow, July 21, 2025, at 7 PM IST, we will go LIVE on X and YouTube with our full leadership team and share… pic.twitter.com/P9JbHCqxrO
— Sumit Gupta (CoinDCX) (@smtgpt) July 20, 2025
Withdrawals and operations update
CoinDCX later assured users that the breach was isolated and didn’t affect the overall platform. Trading, deposits and withdrawals continued as normal, with timelines set for INR withdrawal:
- Withdrawals below Rs 5 lakh: processed within 5 hours
- Withdrawals above Rs 5 lakh: processed within 72 hours
CERT-In steps in, forensic probe begins
CoinDCX has alerted India’s Computer Emergency Response Team (CERT-In) and roped in two global cybersecurity firms for a detailed investigation. The company says it will publicly share all findings.
The incident has reignited conversations about security in India’s crypto space. Last year, WazirX suffered an even larger attack, losing over Rs 1,965 crore to hackers.
India’s crypto hack timeline
| Year | Exchange | Loss (in USD) | Incident Type |
|---|---|---|---|
| 2024 | WazirX | $230 million | Exchange hack |
| 2023 | Binance | $570 million | Bridge exploit |
| 2022 | Ronin | $625 million | Network breach |
| 2021 | Poly | $600 million | Smart contract bug |
As crypto adoption grows, so does the risk. CoinDCX’s response may set a benchmark for how Indian exchanges handle future attacks, but the delay in disclosure raised valid concerns.