CoinDCX Cyberattack: CoinDCX, India’s biggest crypto exchange, said it suffered a dramatic security breach in which it lost USD 44.2 million from one of its operational wallets.
The wallet was not associated with any customer assets and was consumed for liquidity provisioning, it said.
After major blockchain investigator ZachXBT noted suspicious fund movements in Ethereum and Solana chains, the incident was reported.
It said that the hacker used just 1 ETH through Tornado Cash to fund their address and took away tens of millions in USDT and USDC.
USD 44.2 Million Vanishes Via Tornado Cash and Cross-Chain Tools
Tornado Cash is a crypto mixing service, which is done to mask transaction trails.
The theft report was revealed hours after it occurred, and CoinDCX initiated a containment operation as a result.
A delay of 17 hours sparked major concerns related to transparency in such issues.
CoinDCX CEO Sumit Gupta stated that the funds of the users are safe and secure in cold wallets.
While noting that the trading services and INR withdrawals would continue, he said that the loss due to the theft would be paid from the company’s resources.
Also, the company is now cooperating with the experts and other authorities in a forensic probe in a bid to catch the hacker and, if possible, recover the funds.
CoinDCX Pledges Full Compensation And Begins Security Boost
Reports said that CoinDCX seeks to unveil a bug bounty program to enhance its security protocols.
The theft incident follows other major security breaches related to cryptocurrency in India, which include WazirX’s wallet freeze worth $235 million.
This highlights the lack of safety measures and vulnerabilities as crypto regulations transform in the country.
Experts have praised CoinDCX’s decision to pay for the losses and boost security measures. However, their reluctance to inform about the breach says that more transparency is required in the field.
With the ongoing probe, crypto experts believe that the case sheds light on the necessity of defense and risk management in the Web3 world.
It also tells us that strong cybersecurity infrastructure remains key for the Indian crypto field to stop incidents like these in the future.
