CoinDCX has suspended trading in the Web3 section as a precaution, Khandelwal said. Customers’ funds in the Web3 section are safe, he added.
“All the customer assets are safe, and the trading activity plus the INR withdrawals continue unhindered,” Khandelwal posted. Crypto withdrawals for customers who have the feature enabled are also working as usual, he added.
One of CoinDCX’s internal operational accounts, used only for liquidity provisioning on a partner exchange, was compromised due to a sophisticated server breach, Gupta elaborated in a separate post. The CoinDCX wallets used to store customer assets are unaffected and safe, he confirmed.
“The incident was quickly contained by isolating the affected operational account. Since our operational accounts are segregated from customer wallets, the exposure is only limited to this specific account and is being fully absorbed by us—from our own treasury reserves,” Gupta stated.
The internal security and operations teams of CoinDCX are working with cybersecurity partners to investigate the matter, patch any vulnerabilities and trace the movement of funds, Gupta wrote.
The platform is collaborating with its exchange partner to block and recover assets, and will launch a bug bounty program soon to identify loophooles, Gupta said.
