Indian crypto exchange CoinDCX announced Monday it will offer up to 25% of recovered funds, up to $11 million, to anyone who can help trace and retrieve assets stolen in a sophisticated cyberattack that drained $44 million from one of its operational accounts last Friday.
CoinDCX CEO Sumit Gupta confirmed the breach on July 19, just minutes after on-chain analyst ZachXBT flagged suspicious fund movements on Telegram.
The attacker reportedly used 1 ETH from crypto mixer Tornado Cash to initiate the exploit, eventually bridging more than $15 million to Ethereum from Solana.
The breach targeted an account used solely for liquidity provisioning on a partner exchange and did not impact any customer wallets, according to the exchange.
Gupta confirmed Friday that customer funds were unaffected, saying the exchange was "fully absorbing" the loss from its treasury reserves.
"No customer funds have been impacted," Gupta tweeted.
“Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account,” CoinDCX wrote in a statement.
Now the exchange is calling on ethical hackers, white-hat researchers, and blockchain sleuths to trace the stolen funds and help bring the attackers to justice.
"Cybercrime is an attack on trust. And when one of us is targeted, all of us feel it," the exchange said in its statement. "We're not doing this to chase what was lost—we're doing this to protect what still can be saved: our collective trust."
Blockchain analysis firm Cyvers initially traced the stolen funds to two wallets: $27.7 million in a Solana address, while $15.8 million was bridged to Ethereum.
Now, around $43.4 million has been moved to an Ethereum address, Cyvers said.
"This hack is part of a recent wave of exchange breaches—including Bybit, WazirX, and others—are stark reminders that centralized platforms remain prime targets for sophisticated access control attacks," Cyvers said in a statement to Decrypt.
“The attack pattern exhibits notable similarities to past operations attributed to the Lazarus Group, including the use of cross-chain bridges, obfuscation through Tornado Cash, targeting of centralized infrastructure, and a deep understanding of liquidity operations,” Deddy Lavid, CEO at Cyvers, told Decrypt.
CoinDCX co-founder Neeraj Khandelwal addressed trading concerns Monday, tweeting, "prices are gradually normalising automatically. I am with the community on the pricing issues and we are moving in the right direction."
The exchange has partnered with cybersecurity firms Sygnia, zeroShadow, and Seal911 for recovery efforts. It also reported the incident to India's Computer Emergency Response Team.
Industry experts said the response demonstrates the need for stronger security measures.
"The recent CoinDCX incident highlights the critical need for enhanced security in the decentralized digital asset ecosystem," Arjun Vijay, founder of Indian crypto exchange Giottus, told Decrypt. "It's time to reduce single-point risks by embracing self-custody solutions."
Vedang Vatsa, founder of Hashtag Web3, told Decrypt the incident "may be an opportunity for regulators and exchanges to collaborate on a framework that encourages stronger safeguards for users and their assets."
The CoinDCX breach occurred almost exactly one year after the July hack, which crippled WazirX, then India’s largest crypto exchange, resulting in the loss of approximately $235 million.
That exploit forced WazirX into a long and complex legal process, raising concerns across the industry about crisis transparency and user protections.
In February, Gupta had criticized WazirX’s handling of the incident, writing “the best way to protect the ecosystem is to learn openly.”
While a Singapore court initially rejected WazirX’s proposed restructuring plan on June 4, that order was set aside earlier this month, granting the exchange another chance to salvage its operations.
The court extended the moratorium period by two months, and users will now be invited to re-vote on an amended scheme submitted during the latest hearing.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
