India’s Largest Crypto Exchange Back Online

India’s largest crypto exchange, CoinDCX, is back online after a significant $44 million breach exposed vulnerabilities in its operational infrastructure.

While customer funds remained untouched, the hack, tied to a Tornado Cash-funded wallet, has raised important questions about transparency and wallet hygiene in the cryptocurrency market, which still aims to build trust among users. Now fully operational, CoinDCX has committed to implementing stronger security measures and a bug bounty program to prevent future exploits.

ZachXBT Identifies the Attack

The on-chain investigator ZachXBT detected the attack approximately 17 hours before the exchange made a public announcement. He traced it to an address funded with 1 ETH from Tornado Cash, with the attacker later bridging the stolen assets from Solana (SOL) to Ethereum (ETH).

The Tel Aviv-based security firm Cyvers flagged the suspicious withdrawals, leading to manual investigations, as the affected CoinDCX hot wallet lacked public tags and proof-of-reserves documentation.

> Hi everyone,
>
> At @CoinDCX, we have always believed in being transparent with our community; hence, I am sharing this with you directly. Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a… source
> — Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025

Customer Funds Remain Secure

CoinDCX CEO Sumit Gupta directly addressed the community, assuring them that the breach did not affect customer assets.

> “No customer funds have been impacted. Your assets remain completely safe and protected in our secure cold wallet infrastructure,” Gupta stated in his initial disclosure.

The hack targeted an internal operational account used solely for liquidity provisioning on a partner exchange, rather than consumer deposit wallets.

> “The incident was quickly contained by isolating the affected operational account. Since our operational accounts are segregated from customer wallets, the exposure is limited to this specific account,” Gupta explained.

CoinDCX Restores Full Functionality

After the security incident, CoinDCX temporarily halted certain operations while investigating the breach. Since then, the exchange has fully restored all trading activities and INR withdrawal capabilities without restrictions.

> “Trading and INR withdrawals on CoinDCX are fully operational and running smoothly. You can withdraw your INR anytime—without restrictions. We’re here for you, and we stand by our commitment to honor all withdrawal requests.” source
> — Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025

Gupta urged users against panic selling, warning that hasty decisions could lead to poor prices and unnecessary losses.

What’s Next

CoinDCX is working with its partner platform to block and recover stolen assets while strengthening security measures further. The exchange plans to launch a bug bounty program to encourage security researchers to locate potential vulnerabilities.

> “Every security incident is a learning experience, and we will learn from this and further strengthen our platform,” Gupta stated.