Latest news with #CoinDCX
India.com
an hour ago
- Business
- India.com
Rs 1900000000000 lost in a year due to…., loss suffered by many including…
Indian cryptocurrency exchange CoinDCX has reported a security breach that led to the theft of $44.2 million (around Rs 378 crore). However, the company's founders took to X to reassure users that customer funds remain safe and unaffected, clarifying that the breach was limited to an internal operational account. CoinDCX Hit By USD 44.2 mn Security Breach The total exposure is being absorbed entirely by CoinDCX, using the company's treasury reserves, the company said in a First Incident Report released on Sunday. According to the report, on July 19, at 4 AM IST, CoinDCX security systems detected an incident involving unauthorised access to one of its accounts on the partner exchange, leading to a financial exposure of about USD 44 million. The incident once again puts the spotlight on mounting security threats in the highly volatile world of cryptocurrencies. Last year, crypto exchange WazirX faced a hack in India, leading to the loss of more than USD 230 million, and marking one of the biggest such heists in India. The theft had prompted a thorough examination of safety measures and eroded sentiments. CoinDCX On Attack CoinDCX co-founders Sumit Gupta and Neeraj Khandelwal took to the social media platform X to address the situation, confirming that the attack was the result of a sophisticated server breach, targeting an internal wallet, not the ones holding customer assets. The incident was first flagged by blockchain investigator ZachXBT, following which the exchange made the disclosure public. 'Today, one of our internal operational accounts — used only for liquidity provisioning on a partner exchange — was compromised due to a sophisticated server breach. I confirm that the CoinDCX wallets used to store customer assets are not impacted and are completely safe. This won't cause any loss to our customers. CoinDCX will be bearing the full amount,' Gupta said. 'The total amount lost was USD 44Mn out of our treasury assets. Coindcx Treasury will be bearing these losses,' Khandelwal wrote. Affected infrastructure has been completely isolated, and CoinDCX operations continue to run normally, the company said. Risk In Crypto Currency Investment Crypto thefts in 2025 had already crossed USD 2.17 billion before last week's USD 44 million CoinDCX hack, underlining relentless cyber threat escalation in the digital currency world, according to the latest data. Blockchain analytics platform Chainalysis' 2025 crypto crime mid-year update says that over USD 2.17 billion was stolen from cryptocurrency services so far in 2025, and 'this year is more devastating than the entirety of 2024'. By the end of June 2025, 17 per cent more value had been stolen year-to-date (YTD) than in 2022, previously the worst year on record. The USD 1.5 billion hack of ByBit, the largest single hack in crypto history, accounts for the majority of service losses. So far in 2025, significant concentrations of stolen fund victims have emerged in the US, Germany, Russia, Canada, Japan, Indonesia, and South Korea, it said. 'Regionally, Eastern Europe, MENA, and CSAO (Central and Southern Asia and Oceania) saw the most rapid H1 2024 to H1 2025 growth in victim totals,' it said. (With Inputs From PTI)
India.com
6 hours ago
- Business
- India.com
Rs 3780000000 loss: Major security breach hits Indian crypto exchange CoinDCX, here's what exactly happened?
Rs 3780000000 loss: Major security breach hits Indian crypto exchange CoinDCX, here's what exactly happened? A major security breach was reported at Indian cryptocurrency exchange CoinDCX in recent days. Because of the security breach**,** the company lost approximately Rs 378 crore (USD 44.2 million). As per reports, the incident took place on July 19 at around 4 am. Someone made unauthorised access to an internal operational account on a partner exchange. However, CoinDCX has assured its users that the security breach will not affect their funds and they will remain secure. CoinDCX Filed An FIR According to the FIR, the Indian cryptocurrency exchange stated that it is covering the entire financial loss using its own treasury funds, so customers won't be affected. Co-founders Sumit Gupta and Neeraj Khandelwal took to X and attributed the major security breach to 'sophisticated server attack' that attacked the internal wallet whish is used by the company for liquidity provisioning. 'Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a sophisticated server breach. I confirm that the CoinDCX wallets used to store customer assets are not impacted and are completely safe. This won't cause any loss to our customers. CoinDCX will be bearing the full amount,' Gupta wrote in the post. 'The total amount lost was Rs378 crore ($44 million) out of our treasury assets. CoinDCX Treasury will be bearing these losses,' Khandelwal posted. Who Detected The Security Breach? The security breach was first detected by blockchain investigator ZachXBT, following which CoinDCX made the announcement. A 17-hour delay in publicly disclosing the incident has drawn online criticism, despite widespread praise for the company's efforts to safeguard user funds. Withdrawal Requests Overwhelmed CoinDCX's Systems As soon as the security breach news came out, users overwhelmed the CoinDCX's systems with withdrawal requests, leading to its portfolio APIs becoming temporarily unresponsive. The API is responsible for displaying balances and transaction histories, but due to the unresponsiveness, several users were stuck and were unable to view their holdings. Following a security breach, CoinDCX fired leading cybersecurity firms and reported the incident to India's CERT-In. A full investigation is underway, and the company plans to release its findings. This incident comes after a significant 2024 hack of WazirX, resulting in India's largest cryptocurrency exchange theft to date, exceeding Rs1,965 crore (USD 230 million).
New Indian Express
6 hours ago
- Business
- New Indian Express
After $44 million crypto theft, CoinDCX says it's financially strong and here to stay
BENGALURU: After the recent $44 million crypto theft, CoinDCX on Tuesday said it is financially strong, fully operational and committed to building for the long-term. Co-founder Sumit Gupta said, 'CoinDCX is more focused than ever on building India's most trusted crypto company - with integrity, resilience, and long-term vision. We're building stronger. We're moving faster. And we're not slowing down. DCX Group is focused on building for the next decade of crypto adoption. Strong revenue, user-first actions, and deep investor confidence form the foundation for our next phase of growth. We're here to stay, lead, and grow.' It also said that DCX Group -- comprising CoinDCX (India), BitOasis (UAE and Bahrain), and Okto -- is a high-growth, financially sound business built for scale and that its annualised group revenue stands at Rs 1,179 crore and assets under custody (AUC) are over Rs 10,000 crore. Meanwhile, Web3 venture firm Hashed Emergent has released the COINS Act — a non-binding model law intended to support the country's crypto policy dialogue with a structured, constitutionally aligned framework for regulating crypto-assets and decentralised systems.
&w=3840&q=100)
Business Standard
8 hours ago
- Business
- Business Standard
CoinDCX joins list of the biggest crypto breaches in recent times
In a major breach on July 18, Mumbai-based cryptocurrency exchange CoinDCX confirmed a hacking attack that resulted in a loss of approximately $44 million (nearly Rs 368 crore). The incident targeted an internal operational account used for liquidity operations on a partner exchange. The affected account, the company clarified, did not hold any customer assets. Sumit Gupta, co-founder of CoinDCX, described the breach as "sophisticated", revealing that hackers had exploited a server vulnerability. He further stated that the financial loss would be absorbed through the company's treasury reserves, which are 'sufficiently healthy' to cover the damage. The CoinDCX attack comes amid a broader wave of crypto hacks globally, once again raising questions about the actual security of blockchain-based platforms. While blockchains themselves are designed to be secure, the surrounding infrastructure — including wallets, bridges, exchanges, and operational accounts — continues to face vulnerabilities. According to blockchain analysis firm Chainalysis, over $1.7 billion in cryptocurrency was stolen in 2023, following a record $3.8 billion in 2022. Which were the largest crypto hacks? The biggest theft in the sector's history remains the $625 million hack of the Ronin Network in March 2022. This breach targeted the Axie Infinity blockchain game, with hackers — later linked to North Korea's Lazarus Group — making off with Ether and stablecoins. Only a small portion of the stolen funds was recovered. Following closely is the Poly Network hack of August 2021, where over $611 million was stolen. In a rare twist, the anonymous hacker returned most of the funds, claiming the act was carried out 'for fun.' The Binance BNB Bridge suffered a $569 million breach in October 2022 due to a flaw in its smart contract, while Japan's Coincheck exchange lost $532 million in 2018 through vulnerabilities in its hot wallets. In November 2022, FTX, once a major player in the crypto world, lost over $477 million on the same day it filed for bankruptcy. The company confirmed the hack on its Telegram channel, even warning users to delete its apps. Why are cross-chain bridges and DeFi platforms popular targets? A common pattern across recent breaches is the targeting of cross-chain bridges — platforms that allow cryptocurrencies to be transferred between different blockchains. The Wormhole attack in February 2022 resulted in a $325 million theft, while Nomad Bridge lost $190 million shortly after. In March 2023, Euler Finance, a DeFi lending platform, suffered a $197 million flash loan attack. Surprisingly, the attacker later returned much of the stolen funds, citing safety concerns. In May 2024, Japan's DMM Bitcoin exchange reported a $305 million theft, with Lazarus Group again suspected. Bybit, a major global exchange, disclosed a $1.5 billion breach in February, marking one of the largest losses to date. In July last year, India's WazirX suffered a $230 million theft — one of the biggest cyberattacks on an Indian exchange. Many of the affected 15 million investors reportedly faced severe financial hardship. Meanwhile, Iran's largest exchange, Nobitex, lost $90 million amid geopolitical tensions. The stolen funds carried messages allegedly criticising Iran's Revolutionary Guard. How do hackers launder stolen crypto? Tracking stolen crypto assets remains a key challenge. In the WazirX case, Netherlands-based Crystal Intelligence revealed that most of the stolen funds were laundered via TornadoCash, an open-source platform known for anonymising transactions. Only around $6 million remains traceable. Are blockchain projects truly secure? Despite claims of blockchain being 'ultra-secure', repeated cyberattacks suggest otherwise. In 2024, around $2.2 billion worth of cryptocurrencies were stolen. This followed losses of $1.7 billion in 2023 and $3.8 billion in 2022, according to blockchain analysis firm Chainalysis. The figures continue to expose vulnerabilities across exchanges, cross-chain bridges, and decentralised finance (DeFi) platforms. The trend continued into 2024, with fresh breaches reported globally. Even established exchanges like Coinbase have not been immune. In May this year, it estimated losses between $180 million and $400 million following a cyberattack that exploited insider leaks. The company confirmed that multiple contractors and employees working outside the US were paid by hackers to gather internal data. State-sponsored actors, especially North Korea's Lazarus Group, continue to dominate the crypto hacking space. The group has been linked to major breaches, including Ronin, DM Bitcoin, and Bybit. Is crypto security a myth? Experts suggest that while blockchain technology itself may offer robust security features, the infrastructure surrounding it — including bridges, exchanges, and DeFi platforms — has repeatedly proven vulnerable. With evolving tactics such as flash loan attacks, insider threats and state-backed cyber warfare, the future is shaping up to be grim for cryptocurrency security.
Entrepreneur
12 hours ago
- Business
- Entrepreneur
CoinDCX Launches Crypto Recovery Bounty After USD 44 Mn Breach
CoinDCX introduced a Recovery Bounty Program that offers up to 25 percent of any successfully recovered funds as a reward for actionable intelligence leading to the retrieval of assets and identification of the attacker. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. Cryptocurrency exchange CoinDCX has announced a major initiative to recover digital assets worth approximately USD 44.2 million stolen in a recent security breach. The company unveiled a Recovery Bounty Program on Monday, offering rewards of up to 25 percent of any successfully retrieved funds to individuals who provide actionable intelligence that leads to asset recovery or the identification of the perpetrator. The potential bounty could reach USD 11 million, making it the largest of its kind in India's crypto sector. The breach targeted an internal operational wallet on the Solana blockchain between July 18 and 20, and was confirmed by the company late Friday. "We are collaborating with exchange partners to block and recover assets," said Neeraj Khandelwal, Co-founder of CoinDCX. "At the same time, we are launching this bounty program to strengthen our defences and reinforce transparency." As of Sunday, CoinDCX reported that a significant portion of the stolen assets appeared to be consolidated in two crypto wallets—one holding around 155,830 SOL (approximately USD 27.6 million) and another containing 4,443 ETH (about USD 15.7 million). The company is working with cybersecurity firms Sygnia, zeroShadow, and Seal911 to investigate the breach. It has also partnered with the Solana Foundation, Superteam, and bridge infrastructure providers Wormhole and deBridge to support asset recovery efforts. CoinDCX emphasized that no customer funds were affected in the incident. The compromised wallet was reportedly used solely for internal operations and was managed through a partner exchange. The firm is now inviting ethical hackers, white-hat researchers, and cybersecurity experts to join the recovery effort. Contributions will be assessed based on credibility and potential impact, and participants can contact the company via the dedicated email address provided. Blockchain security firm Cyvers reported that the attacker made off with funds denominated in USDC and USDT. While CoinDCX has not officially confirmed the total stolen amount, the figure aligns with Cyvers' analysis. The breach mirrors a similar incident involving rival exchange WazirX last year. On July 18, 2024, WazirX launched a global bounty program offering up to USD 23 million to help retrieve USD 234 million in stolen crypto. Despite the effort, only about USD 3 million of the assets were frozen, with the remainder laundered through crypto mixers. CoinDCX's new program highlights a growing reliance on community-led initiatives to combat crypto-related cybercrime.
