Two of India's largest cryptocurrency exchanges suffered serious hacks on the same calendar date, exactly one year apart.

This event shows a trend of organized attacks, likely coming from state-sponsored hacker groups. Meanwhile, traditional security systems are increasingly struggling against modern and complex attack techniques across multiple blockchains.

MAIN CONTENT

  • CoinDCX lost nearly $44.2 million in an attack that occurred in just 5 minutes.

  • The Lazarus Group from North Korea has been identified as being involved with specific technical signs.

  • India's lack of a clear legal framework increases the risk of losses due to hackers targeting centralized cryptocurrency exchanges.

How was CoinDCX attacked and by what means?

According to Cyvers CEO Deddy Lavid, CoinDCX lost $44.2 million in just 5 minutes to an attack that used the most complex techniques in use today, including exploiting cross-chain bridges and anonymizing transactions through Tornado Cash.

The attack used multiple on-chain tools such as FixedFloat, Polygon, and Solana, alongside deep knowledge of the exchange's liquidity flow. The hacker moved funds through Tornado Cash on July 16, sent a 1 USDT test transaction on July 18, and then withdrew all funds within minutes.

"The hacker's techniques indicate that they not only understand the operational processes of the exchange but also know how to exploit complex weaknesses in the multi-chain blockchain ecosystem."
Deddy Lavid, CEO Cyvers, 2025

Why is the Lazarus Group suspected to be behind the incident?

Cyvers security experts note signs suggesting that the Lazarus Group, a state-sponsored hacker group from North Korea, is the perpetrator due to the nature of the attack targeting centralized systems with complex international tactics.

Lazarus has been linked to many previous major attacks on cryptocurrency exchanges, particularly with tactics that exploit cross-chain bridges and anonymization tools to evade monitoring.

How do traditional security systems fail to keep up with modern attacks?

In 2024, losses at centralized exchanges increased by 900% compared to before, mainly due to weak access control systems and key leakage. Hacks are becoming faster and more sophisticated to the point where traditional monitoring tools are nearly ineffective.

"Without synchronized modern security solutions, exchanges will continue to be exploited due to increasingly superior attack techniques."
Subhash Chandra Garg, Former Finance Minister of India, 2024

Therefore, the implementation of real-time monitoring and off-chain auditing is essential to mitigate potential damage.
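The reported sequence (a 1 USDT test transfer, then a full drain within minutes) maps onto a simple real-time monitoring rule. The Python below is an added example, not code from Cyvers or CoinDCX; the thresholds, address labels and sample transfers are constructed assumptions.

```python
from collections import deque
from dataclasses import dataclass

# All thresholds are illustrative assumptions, not values from the article.
PROBE_MAX_USD = 5.0           # an outflow this small to a new address is a "probe"
PROBE_LOOKBACK_S = 48 * 3600  # how long a probed address stays under watch
BURST_WINDOW_S = 300          # sliding window; 5 minutes, the reported drain time
BURST_LIMIT_USD = 1_000_000   # window total that triggers an alert

@dataclass(frozen=True)
class Transfer:
    ts: int            # unix seconds
    dest: str
    amount_usd: float

def detect_probe_then_drain(transfers, known_dests):
    """Scan one hot wallet's outflows; return (ts, dest, window_total) alerts."""
    seen, probes = set(known_dests), {}
    window, total, alerts = deque(), 0.0, []
    for t in sorted(transfers, key=lambda x: x.ts):
        is_new = t.dest not in seen
        seen.add(t.dest)
        if is_new and t.amount_usd <= PROBE_MAX_USD:
            probes[t.dest] = t.ts          # remember the probe, raise nothing yet
            continue
        probe_ts = probes.get(t.dest)
        if probe_ts is None or t.ts - probe_ts > PROBE_LOOKBACK_S:
            continue                       # destination was not probed recently
        window.append((t.ts, t.amount_usd))
        total += t.amount_usd
        while t.ts - window[0][0] > BURST_WINDOW_S:
            total -= window.popleft()[1]   # expire outflows older than the window
        if total >= BURST_LIMIT_USD:
            alerts.append((t.ts, t.dest, total))
    return alerts

# Constructed sample data: addresses, times and amounts are made up.
KNOWN = {"cold-wallet", "market-maker"}
SAMPLE = [
    Transfer(1_000, "cold-wallet", 2_000_000.0),   # routine sweep, known dest
    Transfer(5_000, "new-addr-A", 1.0),            # 1 USD probe to unseen address
    Transfer(6_000, "new-customer", 3.0),          # small payout, never followed up
    Transfer(9_000, "new-addr-A", 400_000.0),
    Transfer(9_060, "new-addr-A", 400_000.0),
    Transfer(9_120, "new-addr-A", 400_000.0),      # window total crosses the limit
]

if __name__ == "__main__":
    for ts, dest, total in detect_probe_then_drain(SAMPLE, KNOWN):
        print(f"ALERT t={ts} dest={dest} window_total_usd={total:,.0f}")
```

The rule only watches destinations that first received a probe, so it is one signal to combine with withdrawal limits and key-access alerts rather than a complete control.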

What is the impact of delays in the legal framework on the Indian cryptocurrency market?

India's slow issuance of clear cryptocurrency regulations increases risks for exchanges and users. This lack of transparency is believed to be the cause of incidents like WazirX in 2024 and CoinDCX in 2025.

While the United States is implementing strict and specific cryptocurrency policies, India remains hesitant, leading to insecurity and reduced competitiveness in the global market.

Frequently Asked Questions

1. How much money did CoinDCX lose in the 2025 hack?

CoinDCX lost approximately $44.2 million in an attack that occurred in just 5 minutes, according to reports and analysis from security company Cyvers.

2. Who is the Lazarus Group and why are they suspected?

Lazarus is a North Korean state-sponsored hacker group known for sophisticated attacks on centralized cryptocurrency exchanges, using complex tactics like exploiting cross-chain bridges and transaction anonymization.

3. What new attack methods were used in the hack?

The technique mainly involves leveraging cross-chain bridges, moving money quickly across multiple blockchains, and using Tornado Cash to obscure transaction traces.

4. What does India need to do to protect the cryptocurrency market?

India needs to refine and issue a clear legal framework while advancing monitoring technology and risk management for exchanges to minimize the risk of attacks.

5. How are cryptocurrency exchanges responsible when hacked?

CoinDCX representatives stated that the funds were taken from the company's reserve fund and that customer funds were not affected, and offered a 25% reward on recovered funds to white-hat hackers who assist.

Source: https://tintucbitcoin.com/lazarus-group-la-thu-pham-tan-cong/
