India’s cryptocurrency exchange, CoinDCX, after confirming a cyberattack that resulted in a loss of approximately $44 million from its internal operational account, has now launched the CoinDCX Recovery Bounty Program. The initiative aims not only to recover the stolen funds but also to identify and ensure legal action against the individuals responsible for the CoinDCX cyberattack.
The cyberattack on CoinDCX, which occurred on July 19, 2025, specifically targeted an internal operational account used for liquidity provisioning on a partner exchange. According to CoinDCX, no customer funds were compromised during the incident. All user assets remain secure in cold wallets with multi-layered custody and offline security controls.
CoinDCX Recovery Bounty Program Launched
In an official statement, CoinDCX said the Recovery Bounty Program is an effort to unite the Web3 ecosystem against cyber threats. “Cybercrime is an attack on trust. And when one of us is targeted, all of us feel it,” the company said, adding that the attack was not just about stolen assets, but about the principles of “freedom, transparency and trust” that Web3 aims to uphold.
“We are not doing this to chase what was lost –we’re doing this to protect what still can be saved: our collective trust,” the company emphasized. “This bounty is not a cry for help – it’s a stand for the future. If this can happen to us, it can happen to anyone.”
The CoinDCX Recovery Bounty Program bounty program offers up to 25% of any recovered funds, with the maximum potential reward pool reaching $11 million, depending on full recovery. The reward will be given to individuals or teams who can provide actionable intelligence that leads not just to fund recovery, but also to the identification and legal prosecution of the attackers.
Recovery Program Details
The CoinDCX Recovery Bounty Program is open to ethical hackers, white-hat researchers, and cybersecurity professionals committed to enhancing digital asset safety. Key details include:
- Reward: Up to 25% of all successfully recovered funds
- Maximum Pool: $11 million if full recovery is achieved
- Objective: Obtain actionable intelligence that leads to fund recovery, identification, and legal resolution
Those interested in contributing can reach out via [email protected]. CoinDCX has stated that every credible lead will be evaluated fairly and transparently.
CoinDCX Cyberattack: What Happened?
CoinDCX revealed that the cyberattack involved a server breach that compromised an internal account used only for operational purposes. As soon as the breach was detected, the affected systems were isolated, and the attack was contained. The company also reassured users that its wallet infrastructure was not affected in CoinDCX cyberattack, as the design separates customer assets from operational accounts.
The financial impact was absorbed entirely through CoinDCX’s treasury reserves, which the company claims were maintained precisely for handling such incidents.
“We want to be upfront – the loss was from our own treasury, and we’ve already absorbed it through our reserves. CoinDCX remains financially strong and fully operational,” the statement read.
Strengthening Security and Oversight
Even though no customer assets were touched, CoinDCX has initiated a comprehensive review of its infrastructure. “We’ve gone deeper – tightening security and redesigning parts of our infrastructure to ensure this never happens again,” the company noted.
The firm has informed India’s national cybersecurity agency CERT-In and is actively working with two globally reputed cybersecurity firms to conduct in-depth forensic investigations. CoinDCX also stated it would make public the investigation findings to help the larger crypto community understand the nature of the attack and improve their own defenses.
The company is also collaborating with blockchain forensics firms and partners to trace the attacker’s movements across digital wallets and exchanges. All regulatory obligations are reportedly being fulfilled, and CoinDCX has committed to full cooperation with authorities throughout the investigation and recovery process.
Operational Continuity
Despite the CoinDCX cyberattack, Company’s trading platform remains fully functional. Users can continue to perform trades, deposit INR, and make withdrawals without interruption.
INR withdrawals below ₹5 lakhs are being processed within five hours, while amounts above ₹5 lakhs are being cleared within 72 hours.
The company reassured users that it maintains a segregated reserve system specifically designed to handle unexpected losses without affecting customer operations.
Conclusion
While CoinDCX has been applauded for its transparency and quick response, the breach highlights the persistent and evolving nature of cyber risks in the crypto space.
The exchange’s candid admission that “this could happen to anyone” signals a call for collective resilience and reform. It is believed that more firms will begin investing in proactive cybersecurity frameworks, better internal controls, and faster incident response strategies following this breach.
“This is not just about CoinDCX, it’s about protecting the integrity of the wider Crypto ecosystem,” the company stressed. “We’re leveraging every available legal, technical, and investigative channel to ensure accountability and reinforce security across the board.”
