CoinDCX, India's largest cryptocurrency exchange, has resumed operations following a breach that cost $44 million. No customer funds were affected, but the incident raised questions about transparency and security in the cryptocurrency market.
CoinDCX Attack
The attack on CoinDCX was first identified by blockchain investigator ZachXBT approximately 17 hours before the exchange publicly disclosed the incident. He traced the breach to an address funded with 1 ETH from Tornado Cash. The attacker later bridged the stolen funds from Solana to Ethereum. The security firm Cyvers flagged the suspicious withdrawals as the affected CoinDCX hot wallet lacked public tags and proof-of-reserves documentation.
Customer Fund Security
CoinDCX CEO Sumit Gupta addressed the community directly, affirming that the breach did not impact customer assets: 'No customer funds have been impacted. Your assets remain completely safe and protected in our secure cold wallet infrastructure.' The hack affected an internal operational account used solely for liquidity provisioning on a partner exchange, not consumer deposit wallets.
Exchange Functionality Restored
Following the security incident, CoinDCX temporarily suspended certain operations while investigating the breach. The exchange has since restored all trading activities and INR withdrawal capabilities without restrictions. Gupta assured: 'Trading and INR withdrawals on CoinDCX are fully operational and running smoothly.' The exchange also plans to launch a bug bounty program to incentivize security researchers to identify potential vulnerabilities.
CoinDCX has resumed operations following a challenging incident and is actively working to enhance its security measures. Experts and market participants are watching how the exchange will manage the aftermath and implement new protective strategies.
