On July 19, 2025, Indian cryptocurrency exchange CoinDCX suffered a hack that led to a loss of $44.2 million from an internal wallet, while customer funds remained untouched.
Loss of $44.2 Million Tied to Operational Wallet
The attack targeted CoinDCX's internal operational wallet used for liquidity provisioning on a partner exchange. The theft of $44.2 million has been linked to the Lazarus Group.
CEO Sumit Gupta confirmed that customer assets are secure. He emphasized the importance of robust security in protecting internal operational accounts. In an official statement, he asserted, "One of our internal operational accounts used for liquidity was compromised. Customer assets are safe, and our security architecture protected all user funds."
Community Concerns and $11M Recovery Bounty
The hack caused widespread concern in the crypto community, although customer funds were unaffected. Investigations are focused on tracing the movement of the stolen assets.
CoinDCX announced an $11 million recovery bounty, emphasizing its commitment to enhancing security measures and reinforcing user trust amid this challenge.
Similarities with Past Hacks by Lazarus Group
Past hacks, like the Bybit incident, show a pattern of vulnerabilities in operational accounts. Experts note similarities in tactics employed by the Lazarus Group.
Based on historical trends, attackers may attempt to launder stolen funds via mixers, which highlights the ongoing risks and the need for stronger crypto security frameworks.
The attack on CoinDCX raises important questions about exchange security and the vulnerability of operational wallets. Although the exchange lost a substantial amount, the fact that customer funds remained secure confirms the importance of proper precautions in the cryptocurrency industry.