India’s two largest crypto exchanges, WazirX in 2024 and now CoinDCX in 2025, have both been hit by major hacks. What is even more shocking is that both attacks happened on the same date, a year apart, and followed the same pattern. Experts say that this is no coincidence.
The cybersecurity firm Cyvers, which detected both the breaches, believes that the latest attack on CoinDCX shows clear signs of involvement by North Korea’s Lazarus Group. This group is known for targeting centralized exchanges using advanced, state-sponsored tactics.
The CoinDCX hack led to a loss of $44.2 million (₹368 crore). The entire attack took just five minutes, using a complex setup that involved multiple chains and crypto tools.
Cyvers CEO Deddy Lavid pointed out multiple signs suggesting Lazarus Group’s involvement, like targeting centralized systems, exploiting cross-chain bridges, and hiding transactions using Tornado Cash. The attackers had a deep understanding of exchange liquidity flows.
On July 16, hackers moved funds through Tornado Cash, FixedFloat, Polygon, and finally to Solana. On July 18, they tested with 1 USDT, then quickly stole $44 million in just five minutes. Cleanup transfers followed an hour later.
But the breach only came to light after blockchain investigator ZachXBT posted about it. CoinDCX has also offered 25% of recovered funds to ethical hackers who help retrieve the stolen crypto.
This incident reveals a deeper issue. Traditional security systems cannot keep up with the speed and complexity of today’s attacks. In 2024, centralized exchanges saw a 900% increase in losses, mostly due to access control failures and key leaks. Attacks like these bypass standard monitoring tools and move assets across chains faster than human teams can react.
These kinds of hacks are becoming more common. Just in Q2 2024, over 65% of crypto losses came from centralized exchanges like this one. Cyvers notes that the industry needs better real-time monitoring and off-chain checks to prevent more damage.
These hacks serve as a clear warning and highlight the need for enhanced cybersecurity in the Indian crypto market.
Besides, India’s delay in crypto regulations is proving to be very costly. Former Finance Secretary, Subhash Chandra Garg, notes that the lack of clear rules around crypto use cases and trading is contributing to major breaches like the WazirX and now the CoinDCX hack. While the U.S moves ahead with strong crypto laws, India continues to hesitate, and this could hurt the country in the long run.
CoinDCX experienced a $44.2 million hack on July 19, 2025, targeting an internal operational wallet used for liquidity. The exchange has confirmed customer funds are safe, as the loss was covered by its treasury, and has launched a recovery bounty program.
Yes, CoinDCX assured users that customer funds are 100% safe, as all user assets are stored in segregated cold wallets. The loss came from CoinDCX’s own treasury.
The hackers used Tornado Cash, a crypto mixer, to obscure the transaction trails of the stolen funds, making them more difficult to trace.
For years, XRP has been making headlines in the crypto world: part lawsuit survivor, part…
Crypto markets are heating up as analysts set bold targets for leading altcoins, with Solana…
Shiba Inu navigates increasingly choppy waters. Its recent performance? A bit flat, if we’re honest.…
World Liberty Financial (WLFI), a crypto project linked to the Trump family, is under fire…
Ethereum's stablecoin supply has reached a new milestone of $172.2 billion, driven by increased minting…
Ripple has confirmed that BlackRock’s Director of Digital Assets, Maxwell Stein, will join SWELL 2025,…
