In another major blow to India's homegrown crypto exchange industry, CoinDCX has been hit by a sophisticated exploit that drained approximately $44.2 million from an internal hot wallet. The incident, reminiscent of the security challenges faced by rival WazirX, went undisclosed publicly for nearly 17 hours.
The breach was ultimately exposed not by the company, but by independent on-chain investigator ZachXBT, raising serious questions about transparency and incident handling at one of the country's largest exchanges.
How an on-chain sleuth exposed CoinDCX's 17-hour secret
ZachXBT revealed that the attacker's trail began with just 1 ETH from the mixing service Tornado Cash. From there, the hacker used bridges to move stolen assets from Solana to Ethereum.
The targeted wallet was not listed in CoinDCX's published proof-of-reserves and had no public tag, making the breach difficult for the public to detect. ZachXBT noted he had to manually trace transactions to connect the untagged wallet back to CoinDCX.
CoinDCX CEO breaks silence after public exposure
Following ZachXBT's public disclosure, CoinDCX CEO Sumit Gupta issued a statement on social media.
He admitted that an internal account used for providing liquidity on a partner exchange had been breached due to a “sophisticated server attack.”
Gupta was quick to reassure users that no customer funds were affected and that all losses would be covered by the company's treasury. He stated that the affected wallet was isolated and that all trading and withdrawal services remain fully operational.
What CoinDCX is doing now
CoinDCX has promised to launch a bug bounty program to uncover additional vulnerabilities and enhance platform defenses. Moreover, the team is actively working with the unnamed partner exchange to trace the flow of funds and identify any overlooked risks.
This incident serves as a wake-up call for the broader crypto industry. Transparency, rapid communication, and airtight infrastructure are no longer optional. They are critical to maintaining trust. While no customer assets were harmed, the delay in disclosure raises important questions about accountability in times of crisis.