Is North Korea's Lazarus Group Linked to the Recent $44 Million CoinDCX Theft?
Altcoins/Security Breach

Is North Korea's Lazarus Group Linked to the Recent $44 Million CoinDCX Theft?

A cybersecurity report indicates that the North Korean hacker group Lazarus may be responsible for a major security breach at CoinDCX, leading to a theft of $44.2 million.

Trade with eToro

Trade with eToro

Open an account

Trade on XM

Trade on XM

Open an account

Is North Korea’s Lazarus Group Linked to the Recent $44 Million CoinDCX Theft?

On July 19, 2025, the cryptocurrency exchange CoinDCX in India faced a significant security breach, resulting in the loss of approximately $44.2 million in USDC and USDT. Despite the incident, CEO Sumit Gupta reassured users on July 22 that CoinDCX remains in a stable financial position and continues to operate normally. He confirmed that all INR withdrawal requests are being processed completely.

“CoinDCX remains financially strong, fully operational, and firmly committed to building for the long term. For us, it’s business as usual.” — Sumit Gupta

Reports suggest that this breach may be linked to the Lazarus Group, a notorious cybercrime syndicate believed to have ties to North Korea, known for executing high-profile attacks on cryptocurrency platforms. The breach according to Cyvers, a cybersecurity firm, was carried out swiftly within just five minutes through seven high-speed transactions, illustrating remarkable cross-chain capabilities.

Heist Resembled WazirX Hack

Cyvers highlighted that the CoinDCX theft had parallels to a previous $230 million hack of WazirX, attributing these incidents to the same modus operandi employed by the Lazarus Group, which enables them to bypass traditional monitoring systems and rapidly move assets across blockchain networks. The report indicated that the attackers exploited operational wallets, amplifying concerns about centralized exchange vulnerabilities.

CoinDCX Suffers $44.2M Security Breach; Customer Funds Confirmed Safe

Fortunately, the compromised wallet was not linked to public reserves, ensuring that user funds remained protected. The exploit began with a minimal funding of 1 ETH which the hacker then sent to Tornado Cash, a crypto mixing service, to obscure the trail.

“Our system has detected a hack into @CoinDCX centralized exchange 20 hours ago…” — Cyvers Alerts

The events surrounding this breach underline the ongoing threat posed by state-sponsored hacker syndicates and serve as a significant warning for the crypto industry, particularly in India.

Key Takeaways:

  • The North Korean Lazarus Group is linked to the $44.2 million CoinDCX breach.
  • The theft was executed in a rapid manner, taking only five minutes with high-speed transactions.

Explore more insights into the crypto landscape here.

Next article

Blackhole Protocol Leading Gains on Avalanche: Is BLACK Crypto Set to Hit New Peaks?

Newsletter

Get the most talked about stories directly in your inbox

Every week we share the most relevant news in tech, culture, and entertainment. Join our community.

Your privacy is important to us. We promise not to send you spam!