CoinDCX Confirms $44.2M Breach, Web3 Wallet Down, User Funds Remain Safe

CoinDCX loses $44.2M in internal breach, CEO confirms user funds remain safe, Web3 wallet down for investigation.

Fridah Kangai
July 21, 2025
12:30 pm

Fridah Kangai

Fridah Kangai is a dedicated crypto journalist with a sharp eye for market trends, blockchain innovation, and digital asset movements. She specializes in breaking down complex topics into clear, engaging stories for both seasoned investors and curious newcomers. With a passion for decentralization and a pulse on the ever-evolving crypto space, Fridah delivers timely, accurate, and insightful coverage. Her work bridges the gap between technology and everyday understanding in the world of cryptocurrency.

CoinDCX confirms $44.2M loss after internal account breach.
CEO assures all user funds remain safe in cold wallets.
Web3 wallet offline as CoinDCX investigates server compromise incident.

CoinDCX, one of India’s leading cryptocurrency exchanges, has suffered a security breach resulting in the loss of approximately $44.2 million. According to blockchain investigator ZachXBT, the attacker began with just one ETH from Tornado Cash before expanding the exploit across Solana and Ethereum.

After the incident, users noticed that some trading pairs had been deleted. Spot orders were disallowed, and the Web3 wallet was temporarily offline.

In an official statement on X, Sumit Gupta, CEO and co-founder of CoinDCX, confirmed the breach had occurred. He admitted that the compromised system was an internal operational account used to manage liquidity for one of its trading partner exchanges.

INR withdrawals remain fully operational on CoinDCX ✅ https://t.co/xDTCapKxct
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025

A compromised server occurred, but immediate containment action was taken. Gupta made it clear that this internal balance had nothing to do with user wallets.

He pointed out that customer assets are secure in cold wallets, and service trading and INR withdrawals are working smoothly with no disruption.

CoinDCX reassured customers that no user would bear the full brunt of the loss since the company treasury would pick up the slack. None of the user funds have been affected.

CoinDCX Launches Investigation and Strengthens Security Protocols

The company is collaborating with cybersecurity professionals to investigate the breach and secure internal systems. Gupta also introduced a bug bounty program to ramp up defences.

The Web 3 wallet is still offline for precaution. It will be reinstated when internal checks are completed and it is ascertained to be safe.

Some members of the community have responded positively and negatively to the incident. One group commends the platform’s transparency, whereas another complains that the official reaction took too long.

ZachXBT initially revealed the breach, raising concerns as to when CoinDCX was publicly aware of the breach.

Despite the criticism, CoinDCX has taken the initiative to provide regular updates and strengthen internal security. By being transparent about the investigation’s conduct, the company hopes to restore the faith of its users.

Amidst this, CoinDCX is trying to recover from the $44.2 million hack and ensure that users’ stakes are not lost. This is now part of the platform’s recovery plan, enhanced security efforts, and clear communication.

Also Read: Schwab to Launch Spot Bitcoin and Ether Trading as Clients Demand More