TLDR: CoinDCX lost $44.2M in a hack targeting an internal liquidity wallet, but customer funds stored in cold wallets remain secure.The breach was discovered after 17 hours, with stolen funds moved via Tornado Cash and bridged across Ethereum and Solana.CoinDCX is covering the full loss from its treasury and has launched a bug bounty program to support fund recovery efforts.Most platform services remain operational as CoinDCX works with cybersecurity experts and partners to trace the stolen assets.CoinDCX, one of India’s top crypto exchanges, has confirmed a $44.2 million hack that occurred on July 19, 2025. The company assured users that all customer assets remain safe, as the breach affected only an internal operational wallet. The wallet was used for liquidity provisioning and was not connected to user funds or the exchange’s cold wallets. The loss is being covered by CoinDCX’s treasury, and the exchange continues to operate most services.CoinDCX Internal Wallet Breached in Security IncidentCoinDCX said that the compromised wallet was not part of the customer asset storage system. It was instead used for managing liquidity on a partner platform. According to CEO Sumit Gupta, the breach occurred due to a targeted server vulnerability. He shared on X that the issue was quickly contained once detected.Source: XBlockchain investigator ZachXBT reported the suspicious activity before the exchange released an official statement. Cyvers Alerts also flagged unusual transactions, which showed stolen funds being moved across blockchains. The attacker initiated the breach with 1 ETH and routed assets through Tornado Cash, a crypto mixer known for obfuscating transactions.Customer Funds Segregated and SafeCoinDCX confirmed that customer assets are stored in cold wallets that are offline and isolated from internal operational accounts. These cold wallets follow proof-of-reserve practices to ensure user assets remain protected in such situations. The company stressed that no user funds were at risk during or after the attack.The company has paused some features temporarily, including Web3 services and select spot orders. However, most platform features, including INR withdrawals and core trading, remain active while the investigation continues.Recovery Efforts and Community ResponseCoinDCX is working closely with cybersecurity experts and blockchain forensics firms to trace and recover the stolen funds. The attacker used Tornado Cash and moved assets between Ethereum and Solana to hide their origin. These tactics were intended to make tracking difficult, but the company has shared attacker wallet addresses to assist in recovery.CoinDCX launched a recovery-focused bug bounty program, offering up to 25% of recovered funds to contributors. The exchange has also started collaborating with partner exchanges to freeze any stolen assets that enter other platforms.The exchange’s delay in publicly confirming the breach drew criticism from users and analysts. Some questioned the gap between the initial transaction and the announcement, which was over 17 hours. Others acknowledged the transparency shown by the leadership after the incident became public.Industry Concerns After Multiple HacksThe CoinDCX hack came almost exactly one year after WazirX, another Indian exchange, lost $235 million in a similar breach. In that case, attackers also used Tornado Cash to cover their tracks. These incidents have raised concerns about ongoing threats faced by centralized exchanges in India and globally.This year alone, multiple crypto platforms have faced breaches, including Iranian exchange Nobitex and DeFi projects like Arcadia Finance and GMX. While most exchanges have taken steps to recover losses or secure user assets, the frequency of such attacks remains a challenge for the industry.CoinDCX has assured its users that they will remain updated as the investigation develops and recovery efforts continue. The team has stated that the protection of customer assets remains its top priority. The post CoinDCX Reports $44 Million Hack but Assures All User Funds Are Secure appeared first on Blockonomi.