A major security incident has occurred in the cryptocurrency world. India-based cryptocurrency exchange CoinDCX suffered a $44.2 million cyberattack approximately 17 hours ago, according to blockchain analyst ZachXBT.
While the incident has not yet been officially announced to the public, CoinDCX CEO Sumit Gupta made a statement on social media.
ZachXBT stated that the attacker’s address was funded with 1 ETH via Tornado Cash, and that some of the stolen assets were transferred from Solana to the Ethereum network. The first sign of the attack was detected by blockchain security platform Cyvers. ZachXBT explained that the CoinDCX hot wallet used by the attacker was not publicly tagged and was identified through manual analysis of the address.
Following the incident, CoinDCX Co-Founder and CEO Sumit Gupta confirmed the attack in a post on his official X (formerly Twitter) account. Gupta explained that an internal operational account used solely to provide liquidity at a partner exchange was compromised in a complex server breach. However, he maintained that the wallets holding customer funds were completely secure and unaffected.
The CEO claimed that the attack was quickly detected and isolated, that operational accounts that were kept completely separate from customer funds were used, and that the loss was covered by CoinDCX’s own treasury.
*This is not investment advice.
