A suspected exploit has struck CoinDCX, one of India’s leading crypto exchanges, resulting in a loss of approximately $44.2 million. According to blockchain analyst ZachXBT, the breach began with a single Ethereum transaction, just 1 ETH, allegedly funneled through Tornado Cash.
That small initial transaction eventually led to a large-scale compromise. Investigations reveal that the attacker targeted an internal account used for liquidity on a partner exchange. As the attack unfolded, stolen assets were transferred from Solana to Ethereum, signaling a calculated cross-chain movement.
Following the breach, CoinDCX suspended multiple trading pairs and canceled open spot orders. Its Web3 wallet functionality was also disabled. Many users noticed disruptions before any official announcement, prompting concern and speculation across the community.
CEO Sumit Gupta later confirmed that the breach was contained within an internal operational account. He emphasized that user assets remained completely secure in cold wallets and were not affected by the compromise.
The compromised server was swiftly isolated to prevent further damage. Despite the severity of the attack, trading operations and INR withdrawals remain functional. However, Web3 wallet services continue to be down as a precaution.
CoinDCX Initiates Response Measures and Security Overhaul
In a statement, Gupta assured users that cybersecurity teams were working to recover funds and understand the attack vector. CoinDCX also announced plans for a bug bounty program to uncover other potential vulnerabilities and improve system defenses.
The company confirmed that the $44.2 million loss will be absorbed entirely by its treasury. According to official communications, customer funds will not be impacted. Still, the delay in acknowledgment has stirred mixed reactions among community members.
While some have praised CoinDCX for being open about the event, others criticized the late disclosure. The breach only became public knowledge after ZachXBT highlighted suspicious transactions involving the platform.
Conclusion
A massive breach rooted in a single ETH transaction has shaken CoinDCX. Though user funds remain safe and services are largely operational, the event has raised concerns over internal security and the speed of response in critical incidents.
Also Read: Ethereum ETFs Shatter Inflow Records as Institutional Demand Fuels $3,400 Price Surge
