Crypto exchange CoinDCX loses $44M in a cyberattack
What's the story
India's second-largest cryptocurrency exchange, CoinDCX, has confirmed a major cyberattack on its platform. The breach, which took place yesterday, saw hackers siphoning off around $44 million from one of the company's internal accounts. This comes just a year after another Indian crypto exchange, WazirX, suffered a similar fate with a $234 million hack.
Immediate actions
Sophisticated server breach to blame: CEO
Following the attack, CoinDCX co-founder and CEO Sumit Gupta said that an internal operational account used for liquidity provisioning on a partner exchange, was compromised due to a sophisticated server breach. He assured users that customer assets stored in CoinDCX wallets were not affected by the incident and are completely safe. Trading activity and INR withdrawals remain unaffected.
Ongoing investigation
Web3 operations halted as a precautionary measure
Gupta said that cybersecurity experts are working with CoinDCX's internal security and operations teams to investigate the incident, patch vulnerabilities, and also trace the movement of funds. The firm has also halted its Web3 operations as a precautionary measure. However, Gupta has reiterated that customer funds on CoinDCX Web3 remain safe amid these developments.
Recovery efforts
CoinDCX to launch bug bounty program
In the wake of this incident, CoinDCX will work with its exchange partner to block and recover assets. The company also plans to launch a bug bounty program soon. "Every security incident is a learning, and we will learn from this and further strengthen our platform," Gupta said. He promised that they would collaborate with experts to secure their industry against such cyber threats in the future.