Latest news with #ZachXBT
Yahoo
a day ago
- Business
- Yahoo
Indian crypto exchange CoinDCX confirms $44M stolen during hack
India's largest crypto exchange CoinDCX has confirmed that one of its internal operational accounts was compromised in a recent security breach, allowing the hackers to make off with millions in crypto. On Saturday, CoinDCX co-founder and CEO Sumit Gupta disclosed in a post on X that an internal account 'used only for liquidity provisioning on a partner exchange' was compromised during the hack. The executive assured that the incident did not affect customer funds and that all its customer assets remain secure. Earlier in the day, crypto security researcher ZachXBT reported that around $44.2 million was drained from CoinDCX's coffers due to the incident. 'The attacker address was funded with 1ETH [Ethereum] Tornado Cash and later bridged a portion of the stolen funds from Solana to Ethereum,' the researcher posted on their Telegram channel. CoinDCX confirmed the loss amount to TechCrunch, stating that the funds were routed through Solana-Ethereum bridges and consolidated into 4,443 Ethereum and 155,830 Solana, which currently remain dormant. The crypto exchange also noted that it is working with India's Computer Emergency Response Team, CERT-In, and partner exchanges to investigate the matter. The Indian crypto exchange, registered with the government's Financial Intelligence Unit, boasts over 16 million users and offers access to more than 500 crypto assets. 'The incident was quickly contained by isolating the affected operational account,' said Gupta in an X post. 'Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us — from our own treasury reserves.' Gupta noted that the company was working with the exchange partner to block and recover assets. 'I understand incidents like this can be unsettling — even when customer assets are unaffected,' he said. The exchange also launched a 'recovery bounty' program on Monday to award up to 25% of any recovered funds to anyone who can help trace and retrieve the stolen crypto. 'More than recovering the stolen funds, what is important for us is to identify and catch the attackers, because such things shouldn't happen again, not with us, not with anyone in the industry,' said Gupta. News of the breach comes almost exactly a year since the massive breach at Indian crypto exchange giant WazirX, which resulted in the loss of $230 million — nearly half its reserves. The exchange halted trading after the loss. It remains unclear, however, whether there are any connections between the two incidents.
India.com
a day ago
- Business
- India.com
Rs 1900000000000 lost in a year due to…., loss suffered by many including…
Indian cryptocurrency exchange CoinDCX has reported a security breach that led to the theft of $44.2 million (around Rs 378 crore). However, the company's founders took to X to reassure users that customer funds remain safe and unaffected, clarifying that the breach was limited to an internal operational account. CoinDCX Hit By USD 44.2 mn Security Breach The total exposure is being absorbed entirely by CoinDCX, using the company's treasury reserves, the company said in a First Incident Report released on Sunday. According to the report, on July 19, at 4 AM IST, CoinDCX security systems detected an incident involving unauthorised access to one of its accounts on the partner exchange, leading to a financial exposure of about USD 44 million. The incident once again puts the spotlight on mounting security threats in the highly volatile world of cryptocurrencies. Last year, crypto exchange WazirX faced a hack in India, leading to the loss of more than USD 230 million, and marking one of the biggest such heists in India. The theft had prompted a thorough examination of safety measures and eroded sentiments. CoinDCX On Attack CoinDCX co-founders Sumit Gupta and Neeraj Khandelwal took to the social media platform X to address the situation, confirming that the attack was the result of a sophisticated server breach, targeting an internal wallet, not the ones holding customer assets. The incident was first flagged by blockchain investigator ZachXBT, following which the exchange made the disclosure public. 'Today, one of our internal operational accounts — used only for liquidity provisioning on a partner exchange — was compromised due to a sophisticated server breach. I confirm that the CoinDCX wallets used to store customer assets are not impacted and are completely safe. This won't cause any loss to our customers. CoinDCX will be bearing the full amount,' Gupta said. 'The total amount lost was USD 44Mn out of our treasury assets. Coindcx Treasury will be bearing these losses,' Khandelwal wrote. Affected infrastructure has been completely isolated, and CoinDCX operations continue to run normally, the company said. Risk In Crypto Currency Investment Crypto thefts in 2025 had already crossed USD 2.17 billion before last week's USD 44 million CoinDCX hack, underlining relentless cyber threat escalation in the digital currency world, according to the latest data. Blockchain analytics platform Chainalysis' 2025 crypto crime mid-year update says that over USD 2.17 billion was stolen from cryptocurrency services so far in 2025, and 'this year is more devastating than the entirety of 2024'. By the end of June 2025, 17 per cent more value had been stolen year-to-date (YTD) than in 2022, previously the worst year on record. The USD 1.5 billion hack of ByBit, the largest single hack in crypto history, accounts for the majority of service losses. So far in 2025, significant concentrations of stolen fund victims have emerged in the US, Germany, Russia, Canada, Japan, Indonesia, and South Korea, it said. 'Regionally, Eastern Europe, MENA, and CSAO (Central and Southern Asia and Oceania) saw the most rapid H1 2024 to H1 2025 growth in victim totals,' it said. (With Inputs From PTI)
India.com
a day ago
- Business
- India.com
Rs 3780000000 loss: Major security breach hits Indian crypto exchange CoinDCX, here's what exactly happened?
Rs 3780000000 loss: Major security breach hits Indian crypto exchange CoinDCX, here's what exactly happened? A major security breach was reported at Indian cryptocurrency exchange CoinDCX in recent days. Because of the security breach**,** the company lost approximately Rs 378 crore (USD 44.2 million). As per reports, the incident took place on July 19 at around 4 am. Someone made unauthorised access to an internal operational account on a partner exchange. However, CoinDCX has assured its users that the security breach will not affect their funds and they will remain secure. CoinDCX Filed An FIR According to the FIR, the Indian cryptocurrency exchange stated that it is covering the entire financial loss using its own treasury funds, so customers won't be affected. Co-founders Sumit Gupta and Neeraj Khandelwal took to X and attributed the major security breach to 'sophisticated server attack' that attacked the internal wallet whish is used by the company for liquidity provisioning. 'Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a sophisticated server breach. I confirm that the CoinDCX wallets used to store customer assets are not impacted and are completely safe. This won't cause any loss to our customers. CoinDCX will be bearing the full amount,' Gupta wrote in the post. 'The total amount lost was Rs378 crore ($44 million) out of our treasury assets. CoinDCX Treasury will be bearing these losses,' Khandelwal posted. Who Detected The Security Breach? The security breach was first detected by blockchain investigator ZachXBT, following which CoinDCX made the announcement. A 17-hour delay in publicly disclosing the incident has drawn online criticism, despite widespread praise for the company's efforts to safeguard user funds. Withdrawal Requests Overwhelmed CoinDCX's Systems As soon as the security breach news came out, users overwhelmed the CoinDCX's systems with withdrawal requests, leading to its portfolio APIs becoming temporarily unresponsive. The API is responsible for displaying balances and transaction histories, but due to the unresponsiveness, several users were stuck and were unable to view their holdings. Following a security breach, CoinDCX fired leading cybersecurity firms and reported the incident to India's CERT-In. A full investigation is underway, and the company plans to release its findings. This incident comes after a significant 2024 hack of WazirX, resulting in India's largest cryptocurrency exchange theft to date, exceeding Rs1,965 crore (USD 230 million).
TechCrunch
2 days ago
- Business
- TechCrunch
Indian crypto exchange CoinDCX confirms $44 million stolen during hack
India's largest crypto exchange CoinDCX has confirmed that one of its internal operational accounts was compromised in a recent security breach, allowing the hackers to make off with millions in crypto. On Saturday, CoinDCX co-founder and CEO Sumit Gupta disclosed in a post on X that an internal account 'used only for liquidity provisioning on a partner exchange' was compromised during the hack. The executive assured that the incident did not affect customer funds and that all its customer assets remain secure. Earlier in the day, crypto security researcher ZachXBT reported that around $44.2 million was drained from CoinDCX's coffers due to the incident. 'The attacker address was funded with 1ETH [Ethereum] Tornado Cash and later bridged a portion of the stolen funds from Solana to Ethereum,' the researcher posted on their Telegram channel. CoinDCX confirmed the loss amount to TechCrunch, stating that the funds were routed through Solana-Ethereum bridges and consolidated into 4,443 Ethereum and 155,830 Solana, which currently remain dormant. The crypto exchange also noted that it is working with India's Computer Emergency Response Team, CERT-In, and partner exchanges to investigate the matter. The Indian crypto exchange, registered with the government's Financial Intelligence Unit, boasts over 16 million users and offers access to more than 500 crypto assets. 'The incident was quickly contained by isolating the affected operational account,' said Gupta in an X post. 'Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us — from our own treasury reserves.' Techcrunch event Tech and VC heavyweights join the Disrupt 2025 agenda Netflix, ElevenLabs, Wayve, Sequoia Capital — just a few of the heavy hitters joining the Disrupt 2025 agenda. They're here to deliver the insights that fuel startup growth and sharpen your edge. Don't miss the 20th anniversary of TechCrunch Disrupt, and a chance to learn from the top voices in tech — grab your ticket now and save up to $675 before prices rise. Tech and VC heavyweights join the Disrupt 2025 agenda Netflix, ElevenLabs, Wayve, Sequoia Capital — just a few of the heavy hitters joining the Disrupt 2025 agenda. They're here to deliver the insights that fuel startup growth and sharpen your edge. Don't miss the 20th anniversary of TechCrunch Disrupt, and a chance to learn from the top voices in tech — grab your ticket now and save up to $675 before prices rise. San Francisco | REGISTER NOW Gupta noted that the company was working with the exchange partner to block and recover assets. 'I understand incidents like this can be unsettling — even when customer assets are unaffected,' he said. The exchange also launched a 'recovery bounty' program on Monday to award up to 25% of any recovered funds to anyone who can help trace and retrieve the stolen crypto. 'More than recovering the stolen funds, what is important for us is to identify and catch the attackers, because such things shouldn't happen again, not with us, not with anyone in the industry,' said Gupta. News of the breach comes almost exactly a year since the massive breach at Indian crypto exchange giant WazirX, which resulted in the loss of $230 million — nearly half its reserves. The exchange halted trading after the loss. It remains unclear, however, whether there are any connections between the two incidents.
International Business Times
2 days ago
- Business
- International Business Times
$44.2 Million Drained from CoinDCX Crypto Exchange in the Biggest Crypto Heist of 2025
July 21, 2025 17:05 +08 CoinDCX, one of the largest cryptocurrency exchanges in India, disclosed a significant security breach. Hackers stole approximately $44.2 million when they obtained access to one of the company's internal accounts. This account was available to facilitate trading in an orderly manner by providing liquidity. X Well-known hacker ZachXBT first noticed this problem. He discovered the breach 17 hours after it occurred. CoinDCX quickly quarantined the impacted account and prevented further loss. The exchange confirmed that the wallets containing users' funds were not impacted. Existing users can still withdraw funds and deposit funds to trade. As a precaution, the platform temporarily had disabled its Web3 mode, meaning users can access over 50,000 decentralized finance (DeFi) tokens. The feature was later restored. The company will cover the entire loss using its own funds, CoinDCX CEO Sumit Gupta said. "No customer funds were lost. Our treasury is capable enough to bear this," Gupta wrote in a social media post. And their in-house team, working with outside cybersecurity experts, is trying to figure out how the hack occurred and where the stolen funds have ended up, he added. This is one of the biggest crypto hacks of 2025. Hackers have taken more than $2 billion in cryptocurrencies so far this year, according to a report from Chainalysis. The increasingly large sample is generating some serious concerns about the security of the cryptocurrency exchanges. To further enhance security on the platform, CoinDCX intends to roll out a bug bounty program. The program will pay by-the-book hackers who report weaknesses before they're used to loot the system. The platform is also working together with partner platforms to monitor and recover the stolen funds. However, despite the setback, CoinDCX has announced that user funds are safe and operations are normal. The company says it's still committed to transparency and bolstering its systems against future threats.
