CoinDCX hack sees $44 million stolen in one of India’s biggest crypto breaches
While user funds were untouched, the attack exposes deeper issues with how exchanges handle liquidity and secure their infrastructure.
When CoinDCX, widely considered India’s biggest crypto exchange, quietly paused its Web3 services last weekend, most users didn’t think much of it. But behind the scenes, $44 million had just been drained from one of the exchange’s internal accounts — a sophisticated breach that’s now being called one of India’s biggest crypto hacks this year.
The Mumbai-based company later confirmed that the compromised wallet was used for liquidity provisioning and that no customer funds were affected. Still, the details paint a troubling picture.
The attacker used Tornado Cash, a tool often linked to money laundering, to fund their wallet, then moved assets between the Solana and Ethereum blockchains to obscure their tracks. By the time the team caught on, thousands of ETH and SOL were gone.
Crypto breaches are a global trend
This is India’s second major exchange hack in just a year, after WazirX’s $234 million breach in 2024. Globally, it’s part of a wider pattern. In February 2025, Bybit lost $1.5 billion, the largest crypto heist to date. And according to Chainalysis, over $2.4 billion has already been stolen in 2025, with centralized exchanges accounting for most of it.
At the core of all this is the industry’s ongoing reliance on hot wallets, accounts connected to the internet that make it easier to move crypto quickly. They’re fast, but they’re exposed. In CoinDCX’s case, it wasn’t a flaw in the blockchain itself that caused the breach — it was a server compromise, the kind of infrastructure-level vulnerability that attackers increasingly exploit.
To its credit, CoinDCX acted fast. It isolated the wallet, resumed services, and is now working with India’s CERT-In and global experts to trace the stolen funds. There’s even a bounty program offering up to 25% of the recovered assets. But these are reactive measures, and they’re becoming a common refrain.
What can crypto exchanges do differently?
If there’s anything this hack makes clear, it’s that crypto’s biggest security threat isn’t user negligence or phishing scams. It’s the infrastructure behind the exchanges themselves and the speed at which attackers are learning to break it.
I think that’s the part that isn’t being talked about enough. CoinDCX may have avoided direct user losses, but that feels more like an exception than the rule. We’ve seen too many breaches (WazirX, Bybit, the list keeps growing) and each time, the industry scrambles to respond.
But quick recoveries and public reassurances aren’t enough. Until exchanges rethink how they secure operational wallets and detect threats faster, this cycle isn’t going anywhere. It’s just going to keep repeating — louder and more expensive each time.

