A year later major WazirX breach, India’s digital asset sector has suffered another major security breach. As the cofounder post on X, Indian centralised crypto exchange CoinDCX was hacked for nearly $44 million (₹368 crore) on July 19, after an internal liquidity account was compromised.

The breach was first reported by prominent blockchain investigator ZachXBT, who shared details on his Telegram channel. According to the sleuth, the attacker funded the wallet using one Ethereum via Tornado Cash, a decentralised crypto mixing platform. A portion of the stolen funds was subsequently bridged from Solana to Ethereum, he claimed.

The affected wallet was not publicly tagged or listed in CoinDCX’s proof-of-reserves, ZachXBT added, stating that he had to manually trace the wallet through its counterparty transactions.

How did CoinDCX react?

Following the revelations, CoinDCX co-founder and CEO Sumit Gupta confirmed the incident on X (formerly Twitter). By described the exploit as a “sophisticated server breach” targeting one of CoinDCX’s internal operational accounts, used solely for liquidity provisioning on a partner exchange, Gupta emphasised that no customer funds were impacted, and said all user assets remain safe in cold wallet infrastructure. “The incident was quickly contained by isolating the affected operational account,” he said. “Exposure was limited and fully absorbed by CoinDCX’s treasury reserves.”

Trading activity and INR withdrawals remain fully operational, Gupta added. The exchange is now working with its partner platform to block and recover the stolen assets, and plans to launch a bug bounty programme soon.

On the other hand, CoinDCX co-founder Neeraj Khandelwal confirmed that the platform had lost approximately $44 million, a figure verified internally and by external partners. In his post on X, Khandelwal said the exchange delayed its official announcement to prioritise securing the breach before disclosing details publicly.

He also confirmed that the company’s Web3 trading platform was paused temporarily as a precautionary measure, though customer assets in that segment werenot affected. “Web3 trading will resume shortly,” he said.

In it's another post on X, the cofounder also mentioned that, "The total amount lost was ~$44Mn out of our treasury assets. Coindcx Treasury will be bearing these losses. We continue to work hard to recover these lost assets".

Flashback to 2024 WazirX hack

The CoinDCX exploit comes exactly a year after fellow Indian exchange WazirX was hacked for $234 million on July 18, 2024. That breach was attributed to the North Korea-linked Lazarus Group, according to earlier reports.

As per TheStreet, CoinDCX is currently working with cybersecurity and crypto forensics firms to investigate the breach and trace the attacker’s path. Alerts from blockchain security firm Cyvers had earlier flagged the suspicious outflows that helped ZachXBT uncover the breach.

The episode raises new concerns over India’s crypto security framework. With a second major hack in just one year, regulators may now push for tighter protocols, greater wallet segregation, and enhanced proof-of-reserve transparency across exchanges.