CoinDCX Suffers Security Breach; Internal Wallet Compromised
CoinDCX Confirms Security Breach
CoinDCX, a leading cryptocurrency exchange in India, recently disclosed a security breach affecting one of its internal operational wallets. The incident was reported after on-chain investigators like ZachXBT and Cyvers Alerts detected suspicious transactions.
Key Takeaways
- CoinDCX experienced a security breach that compromised an internal operational wallet.
- Customer funds are unaffected, and the exchange is actively working to recover stolen assets and improve security measures.
Breach Details and Response
CoinDCX CEO Sumit Gupta confirmed the breach, stating that an internal operational account used for liquidity provisioning on a partner exchange was compromised due to a sophisticated server breach.
"Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a sophisticated server breach," said Sumit Gupta.
Gupta reassured users that customer funds stored in cold wallets remain secure, and trading activities and INR withdrawals are operating normally. CoinDCX plans to cover the losses from its treasury reserves, ensuring no impact on user balances.
Ongoing Investigation and Security Enhancements
CoinDCX has engaged cybersecurity experts to investigate the breach, identify vulnerabilities, and track the movement of the stolen funds. The exchange is collaborating with its partner to block and retrieve the assets. Additionally, CoinDCX intends to launch a bug bounty program to bolster its security efforts.
Industry Context
This incident follows a similar event last year when WazirX, another major Indian crypto exchange, was hacked for over $200 million. That breach was attributed to North Korea’s Lazarus Group and involved a compromised multi-signature wallet.
As the blockchain landscape evolves, ensuring robust security measures are critical. Codeum provides comprehensive blockchain security solutions, including smart contract audits and KYC verification, to protect your projects and investments. Learn more about our services.