Indian cryptocurrency exchange CoinDXC announced a recovery effort after falling victim to a $44 million exploit on Friday, with the firm pledging a bounty for ethical hackers who help retrieve the stolen funds.
CoinDXCâs internal accounts used for âliquidity provisionâ were exploited on Friday, leading to $44 million worth of cryptocurrency being stolen, while user funds remained unaffected.
In an effort to recover the stolen funds, CoinDCX CEO Sumit Gupta announced a new recovery bounty program that offers white hat hackers up to 25% of any recovered funds they can help trace and retrieve.
âThe exposure was from our own reserves, and we have already absorbed it through our corporate treasury,â said Gupta in a Monday X post, adding:
âMore than recovering the stolen funds, what is important for us is to identify and catch the attackers, because such things shouldnât happen again, not with us, not with anyone in the industry.â
The hack âdoesnât impact any of our customers and the platform continues to run as normal,â he added.
The CoinDCX hack occurred a year after an unknown hacker stole over $230 million from WazirX, also an Indian cryptocurrency exchange, in the second-largest cryptocurrency hack of 2024.
Still, these hacks pale compared to the over $1.4 billion exploit suffered by the Bybit exchange on Feb. 21, the largest crypto theft in history.Â
Related: Bybit hacker launders 100% of stolen $1.4B crypto in 10 days
CoinDCX hack marks new wave of crypto exchange exploits
The CoinDCX hack is part of a renewed wave of exploits on centralized cryptocurrency exchanges, according to Michael Pearl, vice president of GTM strategy at blockchain security firm Cyvers.
The recent exchange hacks serve as âstark reminders that centralized platforms remain prime targets for sophisticated access control attacks,â Pearl told Cointelegraph, adding:
âIn Q2 2024 alone, over 65% of losses in Web3 originated from CEX-related incidents, with nearly $500 million lost due to wallet access breaches.â
âThese are not isolated events, theyâre systemic weaknesses,â Pearl said, adding that the Cyvers team âurges exchanges to rethink their security postureâ and move to preemptive solutions such as real-time wallet monitoring.
Related: Over 70% of hacked funds are lost to CeFi entities â Cyvers
Preemptive solutions, including offchain transaction validation, could prevent 99% of crypto hacks and scams by simulating and validating blockchain transactions in an offchain environment before mainnet execution, Pearl said.
Magazine: Coinbase hack shows the law probably wonât protect you â Hereâs why
