CoinDCX, an Indian cryptocurrency exchange, has experienced a significant incident resulting in a theft of $44.2 million. CEO Sumit Gupta has commented on the situation and the measures being taken to maintain platform security.
Incident Overview
The hack, highlighted by blockchain investigator ZachXBT, reportedly began with the use of 1 ETH traced from Tornado Cash. Gupta noted that the attack exploited a vulnerability connected to an internal account on a partner exchange. Most of the stolen funds were transferred to the Solana-to-Ethereum chain, triggering immediate alerts from tracking systems.
Security Measures and Investigation
CoinDCX has suspended its Web3 wallet, halted open orders, and temporarily stopped several trading pairs. The company isolated the compromised server and is collaborating with CERT-IN and international cybersecurity experts for investigation. A bug bounty program with rewards of up to $11 million has been introduced to assist in recovering stolen assets.
Company's Financial Stability
Gupta also revealed key financial metrics to bolster user confidence. The DCX Group, which includes CoinDCX in India, BitOasis in the UAE and Bahrain, and Okto Web3 Wallet, reported annual revenue of ₹1,179 crore ($136 million) and transaction volumes of approximately $158 billion. Despite the hack, CoinDCX continues to work on restoring user trust.
The CoinDCX incident highlights the importance of enhancing security in the crypto industry. The company is actively taking steps to overcome this crisis and protect its users' funds.
