In July 2024, Indian crypto exchange WazirX was hit by a $230 million hack, one of the largest crypto breaches.
A year later, the scars from that incident still linger, and it resurfaced in public discourse when CoinDCX co-founder Sumit Gupta recently took a jab at WazirX’s offshore move and rebranding as Zensui, calling it “unfortunate” and holding up CoinDCX’s compliance-first identity.
But just days later, CoinDCX found itself in the crosshairs.
On July 19, 2025, the exchange suffered a major exploit, resulting in approximately $44 million in losses. The attack, which targeted an operational account used for liquidity provisioning on a partner exchange, was not disclosed by the company until blockchain investigator Cyvers and ZachXBT posted about it on X, seventeen hours after the breach.
Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 19, 2025
Here's what we know:
- The hacker stole around $44.2M in USDC/USDT from one of the exchange's operational wallets on Solana.
- The hacker funded the hack with 1 ETH from Tornado Cash.
- Part of the… pic.twitter.com/5PLliaZ6m4
According to ZachXBT, the attacker funded the wallet with 1 ETH via Tornado Cash and bridged a portion of the funds from Solana to Ethereum. Only after this was publicly flagged did Gupta acknowledge the breach, describing it as a “sophisticated server breach.” He emphasized that no customer assets were impacted and that the losses would be covered from CoinDCX’s treasury.
However, transparency or the lack thereof quickly became a point of contention. Screenshots surfaced showing a CoinDCX team member encouraging community users on Discord to engage with Gupta’s post, thank him for his transparency, and follow a structured comment format.
ZachXBT posted the screenshot with the caption:
“Why is a CoinDCX team member telling people to engage with this post and thank you for the ‘transparency’? Your team waited 17 hours to disclose (not until after it was alerted publicly).”
Why is a CoinDCX team member telling people to engage with this post and thank you for the “transparency”?
— ZachXBT (@zachxbt) July 19, 2025
Your team waited 17 hours to disclose (not until after it was alerted publicly) pic.twitter.com/jElwOd9IHY
This triggered a wider online backlash.
Another user, urahara.eth, pointed out that it wasn’t just ZachXBT but also CyversAlerts who flagged the suspicious withdrawals before any official communication came from CoinDCX.
“They did not mention it anywhere until Cyvers flagged the sus withdrawals… glad I never touched these stupid Indian exchanges,” the post read.
So @CoinDCX's treasury was hacked for 44M$ days ago
— urahara.eth (@0xAsta) July 19, 2025
But they did not mention it anywhere until @CyversAlerts flagged the sus withdrawals to @zachxbt and zachXBT found the whole thing
When @zachxbt made a post on his telegram , they finally admitted it and then made a discord… pic.twitter.com/GllhNwjoPa
As scrutiny mounted, a different wave of posts began surfacing, ones that sought to restore public confidence.
A user named "Seeking Connection Summer of Shibarium" posted a heartfelt thank-you to Sumit Gupta, saying he had ₹12 lakh stuck in CoinDCX and was personally reassured via DM by Gupta.
His post, complete with Gupta’s photograph, described the CEO as a “gem of a person” and said, “I’m staying with CoinDCX forever.”
Thank you so much, @smtgpt Sir 🙏 You're truly a gem of a person.
— Seeking Connection Summer of Shibarium (@MilanAr97154294) July 20, 2025
Your personal DM during such a stressful time meant the world to me — it’s extremely rare to see a CEO personally reaching out, and that speaks volumes about your character and leadership. 💯
I was under immense… pic.twitter.com/g6LuEXatXP
Another user, Exper1ment, amplified the sentiment, warning against “spreading FUD” and arguing that negativity could set crypto adoption in India back by months.
This brother @MilanAr97154294 was really stressed ₹12 lakh stuck in CoinDCX.
— Exper1ment🇮🇳 (@imarup45) July 20, 2025
He reached out to @smtgpt, and thankfully got a quick, reassuring response.
Today, I saw his tweet — he received his funds back
It’s honestly a relief.
From my side, I just want to say this:
Before… https://t.co/DsJJbkFJXW pic.twitter.com/1KYDjklxFT
This sudden swell of praise didn’t go unnoticed.
“Many influencers are sold to CoinDCX last night to push their 17h late so-called ‘transparency post,’” wrote 0xShivaraj. He claimed that only one influencer—@CryptooAdy (Aditya Singh, Co-Founder or Crypto India)—“stood the ground to speak the truth.”
Many influencers are sold to CoinDCX last night to push their 17h late so called “Transparency post”
— 0̷xShivaraj (@0xShivaraj) July 20, 2025
Only @CryptooAdy bhai stood the ground to speak the truth.
We should ask the right questions here as well.
Indeed, Singh raised two pointed questions that resonated with the community. First, why did it take 17 hours and an external alert for CoinDCX to make the announcement? And second, with the exchange’s Okto app still under maintenance, what about users who have open trade positions and cannot access their assets?
Sumit Gupta responded directly, stating that the team was in the midst of a “thorough investigation” and waited until it had full clarity and completed security approvals before publishing any statement.
“The timing of Zach’s tweet was purely coincidental,” he noted. He also assured that Okto Web3 would be back soon, and that the team was “actively working on it.”
Coindcx was hacked for $44 Million, Coindcx CEO announced that users funds remain safe and will cover the loss from their own treasury.
— Aditya Singh (@CryptooAdy) July 19, 2025
Really appreciate the move to cover hacked funds from their own treasury but few community questions that needs to be addressed:
1) Why did…
As it stands, the situation is less about the hack itself, which the company claims was contained, and more about how it was handled. The combination of a delayed disclosure, coordinated community management, and sudden counter-narratives has led to skepticism.
Was the post with Gupta’s photograph a genuine expression of relief or part of a broader “counterturbulence” play? Are influencers rallying around the company organically, or as part of a reputation-cleanup strategy?
The lines between damage control and community engagement seem to be blurring. For a firm that has long positioned itself as India’s compliance-first crypto exchange, the current discourse reflects a trust issue not just with security protocols, but with communication ethics.
In the coming days, CoinDCX’s actions will likely be scrutinized not just for what they say, but who says it, and when.
Edited by Harshajit Sarmah
