VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
▰ METHOD
Undisclosed
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
On July 19, on-chain investigator ZachXBT posted on his personal channel: “Looks like the India centralized exchange 'CoinDCX' was likely drained for ~$44.2M almost 17 hours ago and has yet to disclose the incident to the community.” Shortly afterward, the company confirmed the breach on X, describing it as a “sophisticated server breach” and stating that only corporate funds were affected. Attack method (per SlowMist): Security Vulnerability. Reported loss: $ 44,200,000.
Primary source
https://x.com/CoinDCX/status/1947625144379445682 ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- CoinDCX
- bug_class
- unknown
- date_occurred
- 2025-07-19
- loss_usd
- $44,200,000
- source_id
- sm:coindcx::2025-07-19
Related — same bug class