Why The Many Hacks on Exchanges?

[Glowy]

Indian exchange CoinDCX has suffered a cybersecurity attack, resulting in the loss of $44 million. This incident comes exactly one year after Indian exchange WazirX suffered a $235 million hack.

CoinDCX Server Breach: User Funds Secure
In an X post on July 19, CoinDCX CEO Sumit Gupta said that the crypto exchange suffered a server breach to one of its internal operational accounts. Gupta said that the affected wallet address is only used for liquidity supply on a partner exchange. Therefore, all assets in user wallets are safe and accounted for, with INR withdrawals fully functional.

Furthermore, the CoinDEX CEO states the hack has been contained by isolating the affected operational account. Meanwhile, the value of the total lost assets would be offset by the exchange’s reserve as they commence efforts to track down the parties behind this hack.

Gupta explains that these efforts involve various legs, ranging from an ongoing internal security review to the planned launch of a bug bounty program.



Source: https://www.mitrade.com/insights/news/live-news/article-3-972415-20250720

[Ojima-ojo]

The attack was reported by an investigator 24 hours ago but the report is just coming up now, will this is another pointer to take your self custody seriously.


Because not your keys, not your coins.

Looks like the India centralized exchange 'CoinDCX' was likely drained for ~$44.2M almost 17 hours ago and has yet to disclose the incident to the community.

The attacker address was funded with 1 ETH from Tornado Cash and later bridged a portion of the stolen funds from Solana to Ethereum.

H/t Cyvers for flagging the withdrawals to me. The affected CoinDCX hot wallet is not publicly tagged or in current proof of reserves so I had to manually attribute it via reviewing counterparties.

Theft address
6peRRbTz28xofaJPJzEkxnpcpR5xhYsQcmJHQFdP22n
3btch8cSVp3Uh2SiY9DeiRNYUBmFiBNHZQzDyecJs7Gu
0xEF0c5b9E0E9643937D75C229648158584A8CD8D2

Above is the coin movement details and wallets by the hackers.

[Charles-Tim]

The attack was reported by an investigator 24 hours ago but the report is just coming up now, will this is another pointer to take your self custody seriously.


Because not your keys, not your coins.

Looks like the India centralized exchange 'CoinDCX' was likely drained for ~$44.2M almost 17 hours ago and has yet to disclose the incident to the community.

The attacker address was funded with 1 ETH from Tornado Cash and later bridged a portion of the stolen funds from Solana to Ethereum.

H/t Cyvers for flagging the withdrawals to me. The affected CoinDCX hot wallet is not publicly tagged or in current proof of reserves so I had to manually attribute it via reviewing counterparties.

Theft address
6peRRbTz28xofaJPJzEkxnpcpR5xhYsQcmJHQFdP22n
3btch8cSVp3Uh2SiY9DeiRNYUBmFiBNHZQzDyecJs7Gu
0xEF0c5b9E0E9643937D75C229648158584A8CD8D2

Above is the coin movement details and wallets by the hackers.

It is worth knowing that there is a report about it already on this forum since yesterday: https://bitcointalk.org/index.php?topic=5550951.msg65600612#msg65600612

[sunsilk]

Most exchanges have the reserve to start all over again if some hacks like this happens. And that's for assuring them that they can still get up after someone did them a mess.

Why The Many Hacks on Exchanges?

That's because they're known to have a lot of funds in their hot and cold wallets.

And so, wherever the money is on, the eyes of the hackers are also there and they'll try to penetrate them if they know that they can.

Otherwise, if these exchanges have stronger security and being updated from time to time, they will have hard time in exploiting them.

[condoras]

That's because they're known to have a lot of funds in their hot and cold wallets.

And so, wherever the money is on, the eyes of the hackers are also there and they'll try to penetrate them if they know that they can.

That's something that happens to everything valuable that is stored in large numbers in a place. No matter where this place is, the eyes of all the criminals will be on it, seeking ways to take whatever is in it. The better safety system/ structure that you can put/ make, will always make things more difficult for them. However, that doesn't mean that holes can't be discovered, and that's why constant monitoring and upgrading are needed. Now, how many exchangers do that isn't clear from any of them. In any case, they aren't safer than our wallet.

[sunsilk]

That's because they're known to have a lot of funds in their hot and cold wallets.

And so, wherever the money is on, the eyes of the hackers are also there and they'll try to penetrate them if they know that they can.

That's something that happens to everything valuable that is stored in large numbers in a place. No matter where this place is, the eyes of all the criminals will be on it, seeking ways to take whatever is in it. The better safety system/ structure that you can put/ make, will always make things more difficult for them. However, that doesn't mean that holes can't be discovered, and that's why constant monitoring and upgrading are needed. Now, how many exchangers do that isn't clear from any of them. In any case, they aren't safer than our wallet.

We have no idea if the most of them are doing regular checks and updates. But the ones that have been a victim of these hackings have surely learned themselves how to be better in protecting their assets.

And for the ones that haven't experienced it, maybe they're the ones that don't do much upgrade because no exploit has been done to them yet and hoping that they won't be the next victim of these hackers.

Because for as long as there will be an exchange for them to test the security, they are there to do it.

[The Cryptovator]

We know all the reasons why many hack on exchange. Rather than focusing on that, we should take a lesson from these hacks. Every hack teaches us not to store your funds in the exchange. You can say this is a warning from the hacker groups. Mainly hackers target where a large amount has been stored; that would be any financial service that is related to the crypto or an exchange. So they could easily take out the funds. Exchange is the most targeted due to the large amount held by them. If a hacker succeeds in hacking the system, they could withdraw a big amount so quickly.

However, we should care about the hacker's message. It means don't store your funds in any centralised system. Though hackers sometimes gain access to your noncustodial wallet, it does happen due to our own mistakes or greedy behaviour. It compromised your wallet. But something like this happens very rarely. So I will advise taking lessons from hacks.

[Taskford]

We know all the reasons why many hack on exchange. Rather than focusing on that, we should take a lesson from these hacks. Every hack teaches us not to store your funds in the exchange. You can say this is a warning from the hacker groups. Mainly hackers target where a large amount has been stored; that would be any financial service that is related to the crypto or an exchange. So they could easily take out the funds. Exchange is the most targeted due to the large amount held by them. If a hacker succeeds in hacking the system, they could withdraw a big amount so quickly.

However, we should care about the hacker's message. It means don't store your funds in any centralised system. Though hackers sometimes gain access to your noncustodial wallet, it does happen due to our own mistakes or greedy behaviour. It compromised your wallet. But something like this happens very rarely. So I will advise taking lessons from hacks.

Money is the reason on why those situation happen. Those criminals knows that they can get a lot of money if it happens that they can exploit the system on those exchange.

That's the reason why we should be more vigilant upon choosing the right exchange we wish to trade. Also its better for people not to store huge amount because we know many attacks happen and we don't know on when the exchange we are using might experience those hacking issues.

We must be aware on their action made and most important of all we should not bite easily any to good to be true offers so that we will not fall from the hands of the hackers.

[cryptomaniac_xxx]

Most exchanges have the reserve to start all over again if some hacks like this happens. And that's for assuring them that they can still get up after someone did them a mess.

Why The Many Hacks on Exchanges?

That's because they're known to have a lot of funds in their hot and cold wallets.

And so, wherever the money is on, the eyes of the hackers are also there and they'll try to penetrate them if they know that they can.

Otherwise, if these exchanges have stronger security and being updated from time to time, they will have hard time in exploiting them.

It's obvious that it attract cyber criminals before it's a honey pot for them. And even if they have strong security, cyber threat are one step of the game and their attempts are getting daring and bolder, like attacking people that works inside and then they used it to gain access to the system itself. So it's not only the exchanges are vulnerable, everyone inside specially those who have accessed to sensitive information are going to be a target now.

So it's going to be a cat and mouse game, once exchanges have been hack then they will have to react and upgrade their security. But then again, hackers are carefully studying it and so they next exchange will be a target.

[Glowy]

We know all the reasons why many hack on exchange. Rather than focusing on that, we should take a lesson from these hacks. Every hack teaches us not to store your funds in the exchange. You can say this is a warning from the hacker groups. Mainly hackers target where a large amount has been stored; that would be any financial service that is related to the crypto or an exchange. So they could easily take out the funds. Exchange is the most targeted due to the large amount held by them. If a hacker succeeds in hacking the system, they could withdraw a big amount so quickly.

However, we should care about the hacker's message. It means don't store your funds in any centralised system. Though hackers sometimes gain access to your noncustodial wallet, it does happen due to our own mistakes or greedy behaviour. It compromised your wallet. But something like this happens very rarely. So I will advise taking lessons from hacks.

This explanation here makes so much sense to. Because I had no qualms having funds on exchange at all.

But this right here is a clear message that, I will be making a mistake if I leave it that way.

[Peanutswar]

This could be depends on the intention of the hackers, others just want to test out the vulnerability of the platform and they are secured and to test it out if they really invested in cybersecurity. Next is if the hackers would like to make an intention to hack the system of course to have a malicious reason like steal money or could be information of the user. This is the reason we dont recommend to store your funds into these exchanges as possible to avoid freeze of your money or hold due to some reasons and most likely they arent accountable on the lost.

[TheUltraElite]

These are often inside jobs and you cannot trust that the exchange owners are being completely transparent and that the hack was not engineered from inside. Still keeping the paranoia aside, such hacks are common and we as users need to understand that to avoid getting caught with money on the lines, we should not store coins on exchange.

Previously the crypto scene in India was not that big, but even though government has imposed huge taxes on crypto people are using it and exchanges are seeing good volume or traffic - they instantly become targets for hackers.

[Faazs]

Exchanges are consistently being attacked by hackers, due to the the fact that they have high value and the security is vulnerable, other reasons are given below;

1) Consolidated trading platforms
Many trading platforms keep users fund in centralized wallets connected to the Internet. At any point in time hackers can break these defence system and steal funds in crypto.

2) Poor Security initiatives
Exchanges have been found wanting in other to reduce cost or increase speed, they tend to cut corners like having fragile user authentication, poor internal controls and vulnerable APIs or archaic software.

3) Enticing for Criminals
Transactions using crypto are worldwide with no borders, swift cause they are settled in short time and they have masked identity, in other words difficult to trace. Makes them constant target for cybercrimes.

4) Threats from within
Workers or people with inner knowledge may sometimes sell vital information, steal funds e t.c.

5) Lack of Rules and poor monitoring
Many exchange platforms lack proper rules to guide their operations and also monitoring is not done well enough so as to punish defaulters who breaks rules and guidelines.


** Prevention Tips for Users**
Users should always try to make use of exchanges with strong security and insurance and also two-factor authentication password should be enabled and I also encourage withdrawal of funds to personal wallets when not used for trading.

[condoras]

Previously the crypto scene in India was not that big, but even though government has imposed huge taxes on crypto people are using it and exchanges are seeing good volume or traffic - they instantly become targets for hackers.

I guess that governments know that letting crypto be free for trading will bring more income for them, since they will tax it. However, putting huge taxes can prevent people from trading. It's an issue that exists in other countries as well, but that doesn't matter to hackers. As long as they see a system that holds and moves big amounts of money, they will target it and try to penetrate it.

[EarnOnVictor]

The three summary reasons I could think of are: 1. Lack of adequate security, 2. Lapses on the part of the management, and  3. Internal plan and conspiracy.

1. Lack of adequate security: Everyone wants to engage in crypto exchange due to the profitability of the industry, but many are not willing to part with the required money for security. "To whom much is given, much is required."

2. Lapses on the part of the management: Some managements take personal efforts for levity, and an example is that of Bybit's CEO, who didn't verify the address of the transaction that is worth billions of dollars.

3. Internal plan and conspiracy: We've seen cases where the accusing finger is pointed at the management for conspiracies to steal customers' money. And there are cases where the accusing fingers are pointed at the trusted employees or at strong members within the high ranks.

[sunsilk]

Most exchanges have the reserve to start all over again if some hacks like this happens. And that's for assuring them that they can still get up after someone did them a mess.

Why The Many Hacks on Exchanges?

That's because they're known to have a lot of funds in their hot and cold wallets.

And so, wherever the money is on, the eyes of the hackers are also there and they'll try to penetrate them if they know that they can.

Otherwise, if these exchanges have stronger security and being updated from time to time, they will have hard time in exploiting them.

It's obvious that it attract cyber criminals before it's a honey pot for them. And even if they have strong security, cyber threat are one step of the game and their attempts are getting daring and bolder, like attacking people that works inside and then they used it to gain access to the system itself. So it's not only the exchanges are vulnerable, everyone inside specially those who have accessed to sensitive information are going to be a target now.

So it's going to be a cat and mouse game, once exchanges have been hack then they will have to react and upgrade their security. But then again, hackers are carefully studying it and so they next exchange will be a target.

We have no choice if we're already a victim and became a part of that exploit from these hackers. The data that we have already inside the platform is we have no control over.

And so, these hackers aren't just targeting the funds that they can steal from them but also our data.

That's what we've signed for and that's why if they've been hacked, and so expect that also our details are.