Latest news with #SumitGupta
Economic Times
5 days ago
- Business
- Economic Times
CoinDCX resumes withdrawals after $44 million security breach, assures user funds are safe
Mumbai: India's crypto exchange CoinDCX has opened withdrawals on its platform and asserted that no user funds were affected after it suffered a $44 million (~₹300 crore) security breach on its platform last month, cofounder and CEO Sumit Gupta told ET. ADVERTISEMENT "For us retaining the users trust and ensuring that their funds were 100% safe was our topmost priority. We ensured that all customer withdrawal requests were honoured and there was no impact on the functioning of platform," Gupta said. "This was our wake-up call. The attack was not on our core systems but on a third-party service we used for wallet management. Still, we take full responsibility." Post the incident, the platform has not only arrested investor churn but also recorded its highest-ever monthly trading volume, he said. Gupta also pushed back against media speculation around a possible $900 million acquisition by global exchange Coinbase, asserting that CoinDCX is on path to be India's first crypto decacorn (valued at $10 billion) and such "petty" valuations do not justify the company's growth trajectory. "Our annualised revenue today stands at ₹1,179 crore and we have nearly ₹10,000 worth of crypto assets under custody across products," Gupta said, adding that the company's current valuation must be more than $2 billion. ADVERTISEMENT "We hold 80% market share among India's centralised exchanges. But this is just scratching the surface. Once the Indian government brings an official crypto policy, we could easily achieve decacorn status within a year," he said. (You can now subscribe to our ETMarkets WhatsApp channel)
Time of India
5 days ago
- Business
- Time of India
CoinDCX resumes withdrawals after $44 million security breach, assures user funds are safe
Mumbai: India's crypto exchange CoinDCX has opened withdrawals on its platform and asserted that no user funds were affected after it suffered a $44 million (~₹300 crore) security breach on its platform last month, cofounder and CEO Sumit Gupta told ET. "For us retaining the users trust and ensuring that their funds were 100% safe was our topmost priority. We ensured that all customer withdrawal requests were honoured and there was no impact on the functioning of platform," Gupta said. Explore courses from Top Institutes in Please select course: Select a Course Category Finance PGDM Data Science MCA Cybersecurity Degree Public Policy Technology Product Management healthcare Artificial Intelligence Healthcare Data Analytics Management Operations Management CXO others Project Management Leadership Design Thinking MBA Digital Marketing Others Data Science Skills you'll gain: Duration: 9 Months IIM Calcutta SEPO - IIMC CFO India Starts on undefined Get Details Skills you'll gain: Duration: 7 Months S P Jain Institute of Management and Research CERT-SPJIMR Fintech & Blockchain India Starts on undefined Get Details "This was our wake-up call. The attack was not on our core systems but on a third-party service we used for wallet management. Still, we take full responsibility." Crypto Tracker TOP COIN SETS Crypto Blue Chip - 5 -4.79% Buy Web3 Tracker -10.47% Buy DeFi Tracker -12.39% Buy NFT & Metaverse Tracker -13.74% Buy AI Tracker -14.67% Buy TOP COINS (₹) XRP 261 ( 7.51% ) Buy Ethereum 309,245 ( 4.14% ) Buy Solana 14,343 ( 3.09% ) Buy BNB 66,066 ( 2.72% ) Buy Bitcoin 10,018,394 ( 1.81% ) Buy Post the incident, the platform has not only arrested investor churn but also recorded its highest-ever monthly trading volume, he said. Did you Know? The world of cryptocurrencies is very dynamic. Prices can go up or down in a matter of seconds. Thus, having reliable answers to such questions is crucial for investors. View Details » Gupta also pushed back against media speculation around a possible $900 million acquisition by global exchange Coinbase, asserting that CoinDCX is on path to be India's first crypto decacorn (valued at $10 billion) and such "petty" valuations do not justify the company's growth trajectory. Live Events "Our annualised revenue today stands at ₹1,179 crore and we have nearly ₹10,000 worth of crypto assets under custody across products," Gupta said, adding that the company's current valuation must be more than $2 billion. "We hold 80% market share among India's centralised exchanges. But this is just scratching the surface. Once the Indian government brings an official crypto policy, we could easily achieve decacorn status within a year," he said.
Yahoo
30-07-2025
- Business
- Yahoo
CoinDCX Dismisses Report of Coinbase Acquisition Talks
CoinDCX, India's largest crypto exchange, dismissed a local media report that U.S. rival Coinbase (COIN) was looking to acquire it. "Ignore the rumours," CEO Sumit Gupta said Tuesday in a post on X. Earlier in the day Mint reported that Coinbase was in advanced talks to acquire the Mumbai-based company, citing two people with knowledge of the matter. The potential acquisition could value CoinDCX at less than $1 billion, a steep drop from its $2.2 billion valuation in 2021, it said. Mint's sources added that Coinbase already has equity in both CoinDCX and rival CoinSwitch. In his post, Gupta emphasized the exchange's India-focused strategy. "CoinDCX is 'super focused' on building for India's crypto story and not up for sale! Will share more later, but just wanted to clarify this upfront!" Gupta noted. Coinbase declined to comment. "We don't comment on rumors or speculation. We have a bold mission to increase economic freedom in the world, and are constantly exploring opportunities around the world to build, buy, partner and invest to accelerate our roadmap,' it said. CoinDCX recently suffered a $44 million security breach that targeted an operational wallet. The exploit was quickly contained, ensuring the crypto assets were untouched and safe in cold wallets. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Coin Geek
30-07-2025
- Business
- Coin Geek
CoinDCX denies reports of acquisition by Coinbase
Getting your Trinity Audio player ready... CoinDCX, India's first digital asset unicorn, has dismissed recent media claims that it is in advanced acquisition discussions with the United States-based digital asset powerhouse, Coinbase (NASDAQ: COIN). The media report suggested that Coinbase might purchase the Indian exchange for less than $1 billion—a valuation notably lower than CoinDCX's peak worth of $2.2 billion. This clarification comes during a turbulent time for CoinDCX, which recently faced a serious cybersecurity breach. Earlier in July, the exchange suffered a loss of approximately $44.2 million after one of its internal operational accounts was compromised. In response, CoinDCX claimed that it promptly secured the affected systems and introduced a recovery bounty initiative offering up to $11 million in rewards. The firm has also appealed to white-hat hackers and cybersecurity professionals to assist in tracking down and reclaiming the stolen assets. 'Amidst all the noise and media drama, building for crypto in India is tough. Super tough. But entrepreneurs thrive on challenges and there's unmatched joy in building something meaningful for the country!' CoinDCX co-founder Sumit Gupta wrote on X. CoinDCX made history in 2021 by becoming India's first digital asset exchange to achieve 'unicorn' status, following a $90 million funding round that brought its valuation to $1.1 billion. Building on that momentum, the company secured another $135 million in 2022, nearly doubling its valuation to approximately $2.15 billion. Continuing its growth trajectory, CoinDCX expanded its global footprint in July 2024 with the acquisition of BitOasis, a prominent digital asset exchange headquartered in Dubai. This strategic move marked a key milestone in the company's international ambitions. Around the same time, CoinDCX also broadened its trading offerings by listing the BSV token on its platform, providing users with increased options for buying, selling, and trading BSV. WazirX looking to restart operations' safely' In January 2025, CoinDCX signaled its intention to acquire rival exchange WazirX, reflecting a potential consolidation move within India's digital asset industry. Around the same time, CoinSwitch exchange stepped in with a $70 million asset recovery initiative to compensate WazirX users affected by the devastating cyberattack in July 2024. Once the leading digital asset exchange of India by trading volume, WazirX faced a steep decline since falling victim to a massive $235 million hack last year. The attack, attributed to the Lazarus Group linked to North Korea, severely impacted the platform's operations and user trust. The incident has further highlighted growing global concerns over the security vulnerabilities of digital asset exchanges. On July 18, 2025, around the same time CoinDCX lost $44.2 million in a cyberattack, WazirX wrote on X: 'A lot can happen in one year…Exactly a year ago, WazirX faced a major cyberattack. Global agencies, including law enforcement from the U.S., Japan, and South Korea, have formally confirmed that it was done by North Korean hackers. It disrupted operations, but not our determination. Since then, our focus has been crystal clear: restore trust, distribute assets, and restart operations safely.' WazirX announced that it has brought on board international cybersecurity specialists and is actively working with legal authorities as part of a comprehensive recovery plan. As a key part of this effort, the company secured a moratorium from the Singapore High Court, allowing it to rebuild its operations under judicial supervision and in accordance with legal protocols. To reinforce the safety of user assets, WazirX partnered with custodial service providers such as BitGo and Zodia Custody. The exchange also revealed that its proposed restructuring plan received strong support from stakeholders, with 93.1% of creditors voting in favor of the initiative. In line with evolving regulatory and operational requirements, WazirX said it has overhauled its internal structure. Under the new arrangement, Zanmai India, a Financial Intelligence Unit (FIU)-registered entity, will be responsible for managing the asset distribution process once the court formally approves and sanctions the restructuring scheme. 'This change requires a revote to reflect the updated framework, and we are ready. We have committed to speed from the start. Once the voting is over, the distribution of assets will take place within a few weeks,' the exchange wrote in the X post. 'The journey has never been about shortcuts, it's been about doing what's right, rebuilding the right way, and distributing assets as soon as possible…We are nearly there. Let's finish strong together,' it added. 'Crypto assets are unregulated in India' Over the past year, India has experienced two of its most severe digital asset security breaches, shaking confidence in the sector. The first occurred in July 2024, when WazirX fell victim to a massive cyberattack that resulted in the loss of nearly 45% of the exchange's total holdings. Again in July this year, CoinDCX confirmed a separate breach involving losses exceeding $40 million, further compounding the sector's challenges. These two incidents have affected India's leading digital asset platforms, underscoring deep vulnerabilities in local exchange infrastructure. Moreover, India's digital asset industry remains in regulatory limbo, with no comprehensive framework in place. This uncertainty continues to hamper the industry's growth, leaving exchanges and investors exposed to both legal ambiguity and operational risk. 'Crypto assets are unregulated in India and [the] government does not collect data on these assets,' Pankaj Chaudhary, Minister of State in the Ministry of Finance, told the Parliament on July 28. 'Crypto assets are by definition borderless and require significant international collaboration to prevent regulatory arbitrage. Therefore, any proposal for bringing model guidelines/rules can be effective only with significant international collaboration on evaluation of the risks and benefits and evolution of common taxonomy and standards. The Reserve Bank of India (RBI) has issued advisories warning users, holders, and traders of virtual currencies or crypto assets about the potential risks, including economic, financial, operational, legal, and security concerns,' Chaudhary stated. The Indian government has brought virtual digital assets (VDAs) under the purview of the Prevention of Money Laundering Act (PMLA) to bring the transactions involving VDAs within the ambit of PMLA. Additionally, Chaudhary clarified that companies with exposure to digital assets are required to disclose their 'crypto' holdings in their financial statements. In December 2024, the Indian government stated that there was no definitive timeline for rolling out comprehensive virtual digital assets regulations. However, by June 2025, the government signaled a shift in approach, announcing plans to soon release a detailed discussion paper on digital assets. This paper will draw on insights from international bodies such as the International Monetary Fund (IMF) and the Financial Stability Board (FSB). India enforces one of the most stringent tax regimes on digital asset trading, including a flat 30% tax on all profits from digital assets, with no allowance for offsetting losses, a 1% tax deducted at source (TDS) on transactions exceeding ₹10,000 (approximately $116), and an 18% Goods and Services Tax (GST) on trading fees. According to a report by the Esya Centre, an Indian policy think tank, this framework could result in a potential loss of $1.2 trillion in trading volume on domestic exchanges. Watch: India is going to be the frontrunner in digitalization title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="">
The Hindu
26-07-2025
- Business
- The Hindu
What happened to the crypto exchange CoinDCX?
The story so far: On July 19, the crypto exchange CoinDCX updated users that one of its internal accounts had been 'compromised.' The company's executives reassured panicked investors and traders that their assets were safe and that access to their crypto would not be cut off. Despite assurances, many CoinDCX customers moved to withdraw their assets, perceiving the event could turn into something like the WazirX hack last year. What happened to CoinDCX? CoinDCX is a Financial Intelligence Unit (FIU) registered Indian cryptocurrency exchange founded in 2018 by Neeraj Khandelwal and Sumit Gupta, now counting over 1.6 crore registered users. On July 19, the exchange shared that one of its 'internal operational accounts, used solely for liquidity provisioning on a partner exchange, was compromised due to a sophisticated server breach.' Mr. Khandelwal clarified this involved unauthorised access to an operational hot (virtually connected) wallet on a partner exchange. CoinDCX reported financial exposure of about $44 million but stressed that the incident was contained by isolating the affected account, which was segregated from the company's customer wallets. The exchange further added that the exposure was limited to that amount alone and that it would be fully absorbed by CoinDCX through its own reserves. 'The incident has been formally reported to CERT-In, and we are actively working with leading blockchain forensics firms and ecosystem partners to trace the attacker and recover assets,' said CoinDCX in its Incident Report, and provided information about the cross-chain movement of the stolen assets. The company also announced a recovery bounty programme. How were CoinDCX users impacted by the hack? CoinDCX repeatedly stressed that customers' funds were secure and unaffected by the hack, as they were placed in segregated, cold wallets that are challenging for attackers to breach. The company also stated that trading, rupee deposits, and rupee withdrawals remained fully functional throughout the period. However, some customers complained that their withdrawal requests took time to be processed, sparking fears that their funds had been frozen. CoinDCX's founding partner Mridul Gupta said that 'operational challenges caused by high withdrawal volumes during non-banking hours' had led to some delays but denied allegations of a freeze. The company later confirmed that all withdrawal requests had been successfully processed. While crypto withdrawals are not possible for everyone using CoinDCX, this is a pre-existing situation that is part of the company's risk policy and was not caused by the hack itself. Furthermore, the exchange faced accusations of a 17-hour-long delay when it came to updating customers about the hack. CoinDCX defended its actions and said it needed to have all the information before issuing a statement to customers but said investigating agencies were immediately informed and onboarded. 'Our first priority is always to act, not just to speak. Before making a public statement, we had to ensure the threat was fully contained, our platform was secure, and all customer funds were safe. Communicating with incomplete or unverified information would have been irresponsible and could have caused unnecessary panic,' said co-founder Sumit Gupta. Other CoinDCX users raised complaints about temporary price drops for certain assets, as well as some tokens being under maintenance, which the company also addressed. How are the CoinDCX and WazirX hacks different? Just a little over a year ago, on July 18, 2024, WazirX was targeted by North Korean cyber-thieves. That day, a multi-signature wallet that the WazirX exchange was managing with the company Liminal was exploited, leading to the loss of assets worth over $230 million. This was far greater than the losses reported by CoinDCX; WazirX customers' assets were directly affected by this breach. After much delay and confusion, WazirX blocked users' access to their crypto for an indefinite period of time and acknowledged significant losses. By contrast, CoinDCX has stressed that it is business as usual for the exchange, noting on X that its annual revenue exceeds ₹1,100 crores. WazirX customers demanded that the company use its own profits or funds to cover losses, but the company said this was not possible, citing an ownership dispute with the international crypto exchange Binance. WazirX further decided to carry out its legal restructuring exercise in Singapore. WazirX users have not been able to access their locked up crypto for over a year and are set to vote for a second time on the amended Scheme of Arrangement. This comes after the first proposed restructuring plan was rejected by the Singapore High Court. Both WazirX and CoinDCX were hit with criticism for delays in informing their customers about their respective hacks. What is the lesson for crypto investors in India? Investors in India should remember that crypto trading is a largely unregulated activity in the country; even users of centralised, FIU-registered exchanges can expect little to no support from the Indian authorities in case of a crisis such as a security breach. Satnam Narang, Senior Staff Research Engineer at Tenable, explained that if users want full control of their coins, they should consider self-custody options like an offline, hardware cold wallet they directly control. Even here, due diligence is required in order to buy only trusted hardware wallets from legitimate sellers, according to him. 'As more and more exchanges have been set up across the world, we have seen reports of attacks targeting smart contract flaws or other ways to steal funds from these exchanges including but not limited to social engineering, theft of credentials or private keys or targeting a third-party company that works with the targeted organization,' said Mr. Narang, noting that the CoinDCX hack was one of the largest cryptocurrency breaches since the attack against WazirX last year. He highlighted that when crypto prices go up, there is also a rise in attacks against both exchanges and customers. Mr. Narang said that traders storing coins on crypto exchanges should use multi-factor authentication and strong passwords, or store their coins securely offline, if possible. 'There is an old adage in the cryptocurrency space that says: 'not your keys, not your crypto/coins'. As long as users store their cryptocurrency on an exchange, those coins don't necessarily belong to them because the exchange could ban their account or an exchange hack could lead to the loss of coins,' explained Mr. Narang.
