Last July, the largest exchange of Crypto in India, Wazirx, was hacked, which led to the theft of cryptographic assets worth $ 235 million (RS 2 024 crores). Now, a year later, the second largest exchange of Crypto in India Coindcx reported a major security violation, which led to around 44 million dollars (RS 378) Annéantis of the platform.
Saturday, July 19, the co-founders of Coindcx Sumit Gupta and Neeraj Khandelwal confirmed that they had been affected by pirates, describing the hack as a “sophisticated” breach of its infrastructure.
What exactly happened? Have customers been affected? Are there affected cryptographic assets? Why are cryptographic platforms sensitive to violations?
We get you all the answers.
What is Coindcx?
Before diving in the hacking incident at Coindcx, let’s better understand what it is. Created in 2018, Teday Coindcx is an exchange of cryptocurrency and was founded by the elders of the Iit Bombay, Sumit Gupta and Neeraj Khandelwal.
According to the duo, the idea behind Coindcx was to create a centralized platform where users could exchange cryptocurrencies easily and safely. This vision has motivated the growth and innovation of the company since its creation.
Today, according to their website, Coindcx has more than 1.6 user believes and a daily negotiation volume of more than $ 10 million.
So what happened at Coindcx?
On July 19, the popular ethical pirate Zachxbt revealed a violation at Coindcx on his telegram channel. Shortly after, the co-founder and CEO of the Sumit Gupta platform confirmed that the news saying that the pirates had wiped around $ 44 million from the platform.
“Today, one of our internal operational accounts – used only for liquidity supply on an exchange of partners – has been compromised due to a violation of sophisticated server. I confirm that the coindcx portfolios used to store customer assets are not affected and are not safe.
Hi everyone,
HAS @CoindcxWe have always believed to be transparent with our community, so I share it directly with you.
Today, one of our internal operational accounts – used only for liquidity supply on an exchange of partners – has been compromised due to a … pic.twitter.com/l1kzhjkaxq
– Sumit Gupta (Coindcx) (@Smtgpt) July 19, 2025
However, many stressed that Coindcx confirmation occurred 5 p.m. after Zachxbt reported the problem. To this, the other co-founder of Coindcx, Neeraj Khandelwal, said that the company wanted to “first secure assets” before making a public announcement. “This is the most important thing and inform when we are confident for security.”
How did the violation occur at Coindcx?
Explaining that it was a sophisticated server breach, the platform explained that the hackers reached one of the internal operational accounts of the company, which was generally used to provide liquidity. They said the pirates had exploited a vulnerability on the server side in an internal liquidity provisioning account.
As a report in the Mint States, even short access windows to a hot wallet, can cause massive losses. The anonymous and irreversible nature of blockchain transactions means that the funds can be moved and bleached quickly, often before the teams can react.
However, the damage was contained, according to Gupta de Coindcx, which said that the affected account was isolated. “Since our operational accounts are separated from the client’s portfolios, exposure is only limited to this specific account and is entirely absorbed by us-from our own cash reserves,” he added.
Zachxbt, the ethical pirate, described how the hacking took place. He said that stable stablecoins had been moved from Solana to Ethereum. They were transported via Tornado Cash, a service often used to obscure blockchain transactions. In addition, the pirate would have financed his portfolio with 1 ETH via Tornado Cash before launching the flight, which complicates the efforts to retrace the full path of the stolen funds.
Are customers’ assets sure?
Coindcx categorically said that no customer funds were assigned because user assets were stored separately in secure cold wallets. He said he had temporarily suspended his web services to contain the violation.
A few hours later, he restored the functionality in the application. The CoincDcx Gupta added on X that a FIR had been deposited and that the Coindcx reserves would absorb all the losses. He also added that all exchanges and withdrawals operated normally and that there is no impact on users.
“Our internal security and operating teams worked throughout the day with the main cybersecurity partners to investigate the issue, correct vulnerabilities and trace the fundraising movement,” he added.
GUPTA said that each security incident is learning and has given more strengthening of the platform. “More importantly, it is our time to win this war against industry cyber-states, and we are committed to working with experts to secure our industry. I understand that incidents like this can be disturbing, even when customer assets are not affected. This is why I share this incident with you with total transparency. ”
Is this the first incident of this type in India?
Unfortunately, no. A year ago, during the same month, Wazirx was hacked, which was lowered as the largest cyberattack in the country on an exchange of Indian crypto. Pirates caused a loss of more than $ 230 million, or almost 45% of investor funds on the platform.
The surveys later revealed that it was linked to groups affiliated to North Korea, including the Lazare group.
In addition, this hacking on Coindcx presents itself in the heels of these similar attacks against a cryptographic enterprise in recent times. For example, Iran’s greatest cryptocurrency exchange, Nobitex has lost more than $ 90 million in a cyber attack both in the middle of the recent push between Israel and Iran.
In June, Crypto Exchange, based in the United States, Coinbase underwent a data violation that exposed customer information. The pirates used stolen data to carry out social engineering attacks aimed at flying user funds. They also demanded a ransom of $ 20 million in exchange for not disclosing data and stopping other attacks. The estimated financial impact varied between $ 180 million and $ 400 million.
Why do pirates often target cryptographic assets?
Pirates often attack cryptographic platforms for a number of reasons, including regulatory gaps and limited legal appeals. Experts explain that each new layer of blockchain transactions adds potential vulnerabilities, which makes them more subject to attacks.
In addition, once the funds are moved, there is no central authority to freeze or recover stolen assets. Crypto exchanges lack monitoring or regulation in India.
With agency entries
