Computer Forensics Company: The Netherlands’ National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach “critical organizations” in the country. The critical flaw is a memory overflow bug that allows unintended control flow or a denial of service state on impacted [...]
Digital Forensics:
Indian crypto exchange CoinDCX was reportedly exploited for approximately $44.2 million, according to blockchain sleuth ZachXBT and security firm Cyvers.
The exchange’s CEO confirmed that an internal wallet has been compromised. However, he stated that customer funds remain safe.
ZachXBT reported the incident today stating that an attacker address received 1 ETH via Tornado Cash, then went on to bridge funds from Solana to Ethereum.
The flow of assets suggests a coordinated cross-chain laundering strategy.
Meanwhile, on-chain data confirms the fund movement across multiple addresses and protocols. The compromised wallet was not part of CoinDCX’s published proof-of-reserve reports, requiring manual attribution.
Cyvers discussed about this hack in an exclusive commentary with BeInCrypto.
“This hack is part of a recent wave of exchange breaches – including Bybit, WazirX, and others – are stark reminders that centralized platforms remain prime targets for sophisticated access control attacks. In Q2 2024 alone, over 65% of losses in Web3 originated from CEX-related incidents, with nearly $500 million lost due to wallet access breaches. These are not isolated events – they’re systemic weaknesses. We urge exchanges to rethink their security posture and move beyond reactive defenses. Real-time wallet monitoring and preemptive solutions like Cyvers’ Threat Interceptor are no longer optional – they’re essential to ensure your platform doesn’t become the next headline.” said Meir Dolev, Cyvers CTO
CoinDCX Co-founder and CEO Sumit Gupta acknowledged the incident hours after ZachXBT’s post. He clarified that the breach involved an internal wallet used for liquidity on a partner exchange, not a user-facing wallet.
Hi everyone,
At @CoinDCX, we have always believed in being transparent with our community, hence I am sharing this with you directly.
Today, one of our internal operational accounts – used only for liquidity provisioning on a partner exchange – was compromised due to a… pic.twitter.com/L1kZhjKAxQ
— Sumit Gupta (CoinDCX) (@smtgpt) July 19, 2025
According to the statement, the platform is investigating the server breach that led to the compromise. It has since frozen the affected internal systems and is working with security experts to contain the incident.
The breach was initially flagged by Cyvers Alerts, a blockchain threat intelligence firm that detected the suspicious withdrawals from CoinDCX’s hot wallet. The funds were quickly routed through multiple wallets, making tracing complex.
This is a developing story.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Digital Forensics: The cybersecurity exploit occurred due to a “sophisticated server breach,” CoinDCX CEO and co-founder Sumit Gupta announced on Saturday. Indian cryptocurrency exchange CoinDCX was hacked on Friday, leaving ...
Computer Forensics Company: The Netherlands’ National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach “critical organizations” in the country. The [...]
Igniting Digital Vigilance
Solutions
Contact
info@thorsolution.com
310-270-0598
Post comments (0)