- CoinDCX suffers $44M hack, Web3 wallet remains offline temporarily.
- Attack began with 1 ETH from Tornado Cash, says expert.
- CEO confirms user funds safe, internal account was targeted.
CoinDCX, one of India’s top cryptocurrency exchanges, has reportedly suffered a security breach resulting in losses of around $44.2 million. The incident, exposed by blockchain investigator ZachXBT, is believed to have started with just 1 ETH traced from Tornado Cash.
The attacker allegedly used that initial amount to exploit a vulnerability tied to an internal account on a partner exchange. Following this, a large portion of funds were moved from Solana to Ethereum, raising immediate suspicion among blockchain monitors.
In response, CoinDCX took swift action by suspending several trading pairs, canceling open spot orders, and disabling its Web3 wallet. Users began reporting service disruptions even before the official confirmation was released. This delay in communication has drawn mixed reactions from the community.
Also Read: Ethereum Classic (ETC) Price Prediction 2025–2030: Will ETC Hit $30 Soon?
According to CoinDCX CEO Sumit Gupta, the breach impacted only an internal operational account that had no link to customer wallets. He assured users that all customer assets remain safe and are stored in secure cold wallets.
The company isolated the affected account soon after detecting unusual activity. The disruption was caused by a server compromise, which has now been contained. CoinDCX clarified that core trading and INR withdrawals remain fully operational.
Web3 Services Down as Company Begins Recovery Efforts
While confirming the attack, Gupta stated that CoinDCX is working closely with cybersecurity experts to investigate the breach. A fund recovery process is underway, and the company has also announced the launch of a bug bounty program to strengthen its platform.
The financial loss, which totals over $44 million, will be absorbed by the exchange’s own treasury. CoinDCX emphasized that no part of the loss will affect customer holdings. However, the temporary suspension of Web3 wallet services remains in place as a security precaution.
Some users have praised CoinDCX for its transparent handling of the issue. Others criticized the delay in addressing the breach publicly, as the incident was first revealed by a third-party analyst.
Conclusion
The $44.2 million exploit that started with just 1 ETH has forced CoinDCX to shut down key services, including its Web3 wallet. While the company insists user funds are safe and operations continue, the incident has sparked concern over the exchange’s security readiness and response time.
Also Read: SHIB Dev Rejects Power Grab, Proposes Full Control to Community DAO
