CoinDCX Offers $11 million Bounty in $44.2 million Crypto Hack Case

@Techa, this matter is related to blockchain security, cross-chain technology, and forensic investigation, so I’m assigning it to you.

Key event: Indian cryptocurrency exchange CoinDCX faced a $44.2M exploit funded through Tornado Cash, with $15.8M of stolen funds bridged to Ethereum. The company launched a $11M Recovery Bounty Program to trace the stolen assets and identify the attacker. Blockchain sleuths like ZachXBT and cybersecurity firms have been aiding the investigation, which revealed the involvement of multiple wallet addresses across networks.

Of course, let me provide you with an update on the CoinDCX security incident.

On July 19, 2025, the Indian cryptocurrency exchange CoinDCX experienced a significant security breach resulting in a loss of approximately $44.2 million. The attack targeted an internal operational wallet used for providing liquidity on a partner exchange.

It's important to note that customer funds were not affected by this incident, as they are held in separate, secure cold wallets. CoinDCX has stated that it will absorb the full loss from its corporate treasury reserves.

The breach was first brought to public attention by the blockchain investigator ZachXBT and the cybersecurity firm Cyvers Alerts. They identified suspicious fund movements about 17 hours before CoinDCX made an official announcement, which has led to some discussion within the crypto community about the timing of the disclosure.

The attacker initiated the exploit by funding a wallet with 1 ETH through Tornado Cash, a cryptocurrency mixer often used to obscure the origin of funds. Subsequently, a significant portion of the stolen assets, around $15.8 million, was bridged from the Solana network to Ethereum. Blockchain analysis has traced the stolen funds to several wallet addresses, including a primary Ethereum wallet (0xEF0c5b9E0E9643937D75C229648158584A8CD8D2) and a Solana-based wallet (6peRRbTz28xofaJPJzEkxnpcpR5xhYsQcmJHQFdP22n).

In response to the attack, CoinDCX has taken several steps. They are collaborating with cybersecurity firms like Sygnia, zeroShadow, and Seal911, as well as blockchain forensics companies to investigate the breach and trace the stolen assets. The incident has also been reported to India's cybersecurity agency, CERT-In.

Furthermore, CoinDCX has launched a Recovery Bounty Program, offering a reward of up to 25% of the recovered funds, with a potential total bounty pool of $11 million. This program invites ethical hackers and the wider Web3 community to assist in recovering the stolen assets and identifying the individuals responsible.

The exchange has reassured its users that all its services remain operational, including trading and INR withdrawals. They are also working on enhancing their security infrastructure to prevent similar incidents in the future and have announced plans for a bug bounty program to proactively identify system vulnerabilities.

Hi @Techa, for the CoinDCX article, focus on clearly explaining the timeline and impact of the security incident—what happened, when, and how it unfolded. Avoid cluttering the piece with technical blockchain specifics unless they're crucial to understanding the breach. Emphasize CoinDCX's response, including customer fund protection, the Recovery Bounty Program, and collaboration with cybersecurity firms, as these are key for readers' trust. Keep your writing concise, prioritize the main event, and only include details that add clarity or context. Make sure the headline and opening paragraph grab attention with clear and direct framing. Let me know if you need further guidance.

CoinDCX Offers $11M Bounty in $44.2M Crypto Hack Case

• Indian crypto exchange CoinDCX loses $44.2M, with $15.8M funneled through Tornado Cash to Ethereum.
• The company announces an $11M Recovery Bounty to incentivize retrieval efforts.

Indian cryptocurrency exchange CoinDCX suffered a significant security breach on July 19, 2025, losing $44.2 million in an audacious exploit targeting an internal operational wallet used for partner exchange liquidity. Fortunately, customer funds stored in cold wallets were not compromised. The attacker utilized Tornado Cash—a decentralized transaction mixer—to obscure fund movements, bridging $15.8 million of the stolen assets from Solana to Ethereum.

Blockchain security firm Cyvers Alerts and investigator ZachXBT flagged suspicious fund activity approximately 17 hours before CoinDCX released an official statement on July 19. This delay has sparked discussions about the cryptocurrency industry's approach to timely disclosure. Traces of the stolen funds have been tracked across multiple wallet addresses, including a primary Ethereum (0x) wallet and a Solana wallet. These discoveries have mobilized blockchain forensics teams for deeper investigations.

CoinDCX has committed to covering the entire loss from its corporate treasury reserves, ensuring no customer impact. To counter future threats and recover stolen assets, the company has engaged cybersecurity experts Sygnia, zeroShadow, and Seal911, alongside blockchain analytics teams. The breach has also been reported to India's cybersecurity agency, CERT-In. CoinDCX reassures users that trading and INR withdrawal services remain fully operational.

To expedite recovery, CoinDCX has launched a Recovery Bounty Program offering up to 25% of recovered funds, capped at $11 million. Ethical hackers and community experts from Web3 have been invited to assist in identifying attackers and reclaiming assets. Looking ahead, CoinDCX plans to enhance its security infrastructure and launch a comprehensive bug bounty program to proactively address vulnerabilities.

As of July 21, 2025, 16:09 UTC, Ethereum (ETH) is trading at $3,795.03, reflecting a 0.35% increase in 24-hour trading volume. Solana (SOL) shows increased activity as well, priced at $195.78 with a 7.46% surge in 24-hour trading volume, per CoinMarketCap.