On July 19, 2025, India’s biggest crypto exchange, CoinDCX, suffered a massive security breach that led to the theft of $44.2 million from one of its operational wallets.
🔍 According to reports, the attackers gained access to an internal liquidity account and drained it within minutes — but customer funds remained safe. Surprisingly, CoinDCX did not disclose the hack for almost 17 hours, until well-known blockchain investigator ZachXBT publicly revealed the breach.
CEO Sumit Gupta later confirmed that an internal operational account had been compromised, but reassured the public that user assets were never at risk.
🕵️ The attack has been linked to North Korea’s infamous Lazarus Group, known for targeting crypto platforms worldwide. Investigators discovered that the hackers performed a “dry run” with a 1 USDT test transaction on July 16 — three days before the main heist.
They funded their wallet with 1 ETH via Tornado Cash, then bridged part of the stolen funds from Solana to Ethereum to cover their tracks.
⚠️ Although the exact method is still unclear, cybersecurity experts suspect that exposed credentials or leaked backend access might have enabled the attackers to infiltrate CoinDCX’s systems.
The delayed disclosure drew heavy criticism from the crypto community, with many demanding more transparency from major exchanges handling millions in assets.
CoinDCX has since teamed up with cybersecurity specialists to trace the stolen funds, strengthen their systems, and prevent future attacks.
Stay safe and always DYOR. 🕵️‍♂️🔐
#India #CoinDCX #CryptoNews #CryptoHack #LazarusGroup #Blockchain #CryptoSecurity