A significant security incident impacted the Indian digital currency platform,
CoinDCX, this past Friday. Reports indicate unauthorized access resulted in
the loss of approximately $44 million in assets.
Investigations reveal that cybercriminals gained control of an internal
CoinDCX account. This account was reportedly used for managing liquidity
provided to another exchange. The access stemmed from a breach of one of
CoinDCX’s servers.
Fortunately, CoinDCX’s Chief Executive Officer, Sumit Gupta, has assured
users that their funds remain unaffected. He confirmed the security breach
and emphasized that customer assets were not compromised. In a public
statement, he stated:
“The situation was promptly managed by isolating the compromised operational
account. Because our operational accounts are separate from our customer’s
digital wallets, the risk is confined to this specific account and will be
absorbed entirely by us, utilizing our own reserve funds.”
According to blockchain investigator ZachXBT, the hacker’s digital
address received initial funding of 1 Ether (
ETH) from the Tornado Cash mixer. Subsequently, a portion of the illegally
obtained funds was transferred from the Solana blockchain to the Ethereum
network.
Cointelegraph attempted to solicit comments from CoinDCX representatives
regarding the incident; however, a response had not been received at the
time of this publication.
Financial analyst Infinity Hedge highlighted an unnerving coincidence: A
year ago on the same date, another prominent Indian cryptocurrency exchange,
WazirX, experienced a security breach resulting in losses of $235
million. This incident serves as a stark reminder of the ongoing cybersecurity
challenges confronting the cryptocurrency sector and its investors.
This is a developing story, and updates will be provided as more details
become available.
Related: GMX halts trading, token minting following $40M exploit