article 🔐💰 Massive $44M CoinDCX Hack Traced to North Korean Lazarus Group 💰🔐

Please Register !

What Happened?

On July 19th, Indian cryptocurrency exchange CoinDCX fell victim to a devastating cyberattack, with hackers making off with a staggering $44 million. Although the exchange quickly confirmed the incident, they assured users that personal funds remain safe and unaffected.

According to cybersecurity specialists at Cyvers, all signs point to the North Korean Lazarus Group—a notorious hacking syndicate with a long history of targeting crypto platforms. Interestingly, this exploit followed an almost identical pattern to last year's WazirX hack, which occurred on the very same date and resulted in $234 million being siphoned off through dubious transactions.

Please Register !

How Did It Happen So Fast?

Experts highlighted the speed, precision, and sophistication behind this breach as deeply concerning. The hackers orchestrated their attack meticulously, beginning with a small-scale test transaction of 1 USDT on July 16th.

Just days later, within a window of merely five minutes, they managed to drain $44 million in USDT through seven rapid-fire transactions. The funds were extracted from one of CoinDCX’s operational wallets on the Solana blockchain.

Please Register !

A Pattern of Attacks on Indian Exchanges

The Cyvers team was quick to draw parallels between the CoinDCX breach and the previous WazirX hack, emphasizing that these aren't random coincidences but calculated moves targeting India’s top crypto exchanges.

Please Register !

The Lazarus Group’s Signature

This attack bears all the hallmarks of the Lazarus Group:

They’ve made headlines before with high-profile breaches, and this latest incident only reinforces the need for heightened security across the crypto industry.

Please Register !

CoinDCX Responds with Bounty Program

In a bid to recover the stolen assets, CoinDCX launched a recovery bounty initiative. The platform is offering up to 25% of any recovered funds as a reward to individuals or teams who can successfully help track and retrieve the stolen crypto.

CoinDCX CEO Sumit Gupta voiced his determination on X (formerly Twitter):

Depending on the outcome, the bounty could total as much as $11 million.

Please Register !

Key Takeaways

• Hack Amount: $44.2M stolen in USDC/USDT

• Timeframe: Funds stolen in 5 minutes

• Blockchain: Solana

• Suspected Group: North Korean Lazarus

• Related Incidents: WazirX hack, same date last year

Please Register !

Potential Lessons for the Industry

Please Register !

Final Thoughts

This breach underscores a troubling reality: no crypto exchange is too big or too prepared to be a target. Indian platforms, in particular, must recognize the strategic interest groups like Lazarus place on their markets.