The story so far: On July 19, the crypto exchange CoinDCX updated users that one of its internal accounts had been “compromised.” The company’s executives reassured panicked investors and traders that their assets were safe and that access to their crypto would not be cut off.
Despite assurances, many CoinDCX customers moved to withdraw their assets, perceiving the event could turn into something like the WazirX hack last year.
What happened to CoinDCX?
CoinDCX is a Financial Intelligence Unit (FIU) registered Indian cryptocurrency exchange founded in 2018 by Neeraj Khandelwal and Sumit Gupta, now counting over 1.6 crore registered users. On July 19, the exchange shared that one of its “internal operational accounts, used solely for liquidity provisioning on a partner exchange, was compromised due to a sophisticated server breach.” Mr. Khandelwal clarified this involved unauthorised access to an operational hot (virtually connected) wallet on a partner exchange.
CoinDCX reported financial exposure of about $44 million but stressed that the incident was contained by isolating the affected account, which was segregated from the company’s customer wallets. The exchange further added that the exposure was limited to that amount alone and that it would be fully absorbed by CoinDCX through its own reserves.
“The incident has been formally reported to CERT-In, and we are actively working with leading blockchain forensics firms and ecosystem partners to trace the attacker and recover assets,” said CoinDCX in its Incident Report, and provided information about the cross-chain movement of the stolen assets.
The company also announced a recovery bounty programme.
How were CoinDCX users impacted by the hack?
CoinDCX repeatedly stressed that customers’ funds were secure and unaffected by the hack, as they were placed in segregated, cold wallets that are challenging for attackers to breach. The company also stated that trading, rupee deposits, and rupee withdrawals remained fully functional throughout the period. However, some customers complained that their withdrawal requests took time to be processed, sparking fears that their funds had been frozen.
CoinDCX’s founding partner Mridul Gupta said that “operational challenges caused by high withdrawal volumes during non-banking hours” had led to some delays but denied allegations of a freeze. The company later confirmed that all withdrawal requests had been successfully processed. While crypto withdrawals are not possible for everyone using CoinDCX, this is a pre-existing situation that is part of the company’s risk policy and was not caused by the hack itself.
Furthermore, the exchange faced accusations of a 17-hour-long delay when it came to updating customers about the hack. CoinDCX defended its actions and said it needed to have all the information before issuing a statement to customers but said investigating agencies were immediately informed and onboarded.
“Our first priority is always to act, not just to speak. Before making a public statement, we had to ensure the threat was fully contained, our platform was secure, and all customer funds were safe. Communicating with incomplete or unverified information would have been irresponsible and could have caused unnecessary panic,” said co-founder Sumit Gupta.
Other CoinDCX users raised complaints about temporary price drops for certain assets, as well as some tokens being under maintenance, which the company also addressed.
How are the CoinDCX and WazirX hacks different?
Just a little over a year ago, on July 18, 2024, WazirX was targeted by North Korean cyber-thieves. That day, a multi-signature wallet that the WazirX exchange was managing with the company Liminal was exploited, leading to the loss of assets worth over $230 million. This was far greater than the losses reported by CoinDCX; WazirX customers’ assets were directly affected by this breach.
After much delay and confusion, WazirX blocked users’ access to their crypto for an indefinite period of time and acknowledged significant losses. By contrast, CoinDCX has stressed that it is business as usual for the exchange, noting on X that its annual revenue exceeds ₹1,100 crores.
WazirX customers demanded that the company use its own profits or funds to cover losses, but the company said this was not possible, citing an ownership dispute with the international crypto exchange Binance. WazirX further decided to carry out its legal restructuring exercise in Singapore.
WazirX users have not been able to access their locked up crypto for over a year and are set to vote for a second time on the amended Scheme of Arrangement. This comes after the first proposed restructuring plan was rejected by the Singapore High Court.
Both WazirX and CoinDCX were hit with criticism for delays in informing their customers about their respective hacks.
What is the lesson for crypto investors in India?
Investors in India should remember that crypto trading is a largely unregulated activity in the country; even users of centralised, FIU-registered exchanges can expect little to no support from the Indian authorities in case of a crisis such as a security breach.
Satnam Narang, Senior Staff Research Engineer at Tenable, explained that if users want full control of their coins, they should consider self-custody options like an offline, hardware cold wallet they directly control. Even here, due diligence is required in order to buy only trusted hardware wallets from legitimate sellers, according to him.
“As more and more exchanges have been set up across the world, we have seen reports of attacks targeting smart contract flaws or other ways to steal funds from these exchanges including but not limited to social engineering, theft of credentials or private keys or targeting a third-party company that works with the targeted organization,” said Mr. Narang, noting that the CoinDCX hack was one of the largest cryptocurrency breaches since the attack against WazirX last year.
He highlighted that when crypto prices go up, there is also a rise in attacks against both exchanges and customers. Mr. Narang said that traders storing coins on crypto exchanges should use multi-factor authentication and strong passwords, or store their coins securely offline, if possible.
“There is an old adage in the cryptocurrency space that says: “not your keys, not your crypto/coins”. As long as users store their cryptocurrency on an exchange, those coins don’t necessarily belong to them because the exchange could ban their account or an exchange hack could lead to the loss of coins,” explained Mr. Narang.
Published – July 26, 2025 08:00 am IST
