Crypto Exchange CoinDCX Proposes 25% Recovery Incentive Following Major Hack

CoinDCX has initiated a recovery bounty program in response to a significant cyberattack that resulted in the theft of assets valued at $44 million from the internal operational account of the crypto exchange.

The recovery bounty programme, featuring a potential pool of $11 million (approximately INR 100 crore), was announced by the company on its blog.  

“Individuals or teams who assist in tracing and retrieving the stolen crypto, and more importantly help identify and convict those involved, will be awarded up to 25% of any recovered funds,” the blog read.

Sumit Gupta, cofounder of CoinDCX, posted on X: “Our priority is to identify and apprehend the attackers rather than to recover the stolen funds. Incidents like this must not recur—neither with us nor with anyone else in the industry.”

Related: List of Most Used Words In Shark Tank India : Meaning & Explanation

The startup is inviting ethical hackers, white-hat researchers, and other cybersecurity specialists to take part in the bounty programme.

According to CoinDCX, it has managed to absorb the effects of the stolen assets from its company treasury, ensuring that no customers have been affected and that the platform continues to operate correctly.

The startup is collaborating with a number of cybersecurity companies, including Sygnia, zeroShadow, and Seal911, as well as ecosystem partners, including the Solana Foundation, Superteam, and bridge providers Wormhole and deBridge, in order to retrieve the stolen assets.

The assets were taken two days ago when CoinDCX’s internal wallet—which was primarily used for liquidity provisioning on a partner exchange—was compromised. However, the startup asserts that by isolating the operational account, the attack was swiftly contained.

CoinDCX is now the second cryptocurrency exchange to experience a significant cybersecurity breach. In July 2024, WazirX experienced a significant crypto theft in which digital assets valued at $234 million were taken from one of its wallets on Liminal, an institutional digital asset custody platform.

Nearly 4 million users were affected by the WazirX heist, as the crypto exchange halted trading and withdrawals, causing panic among its users.  The company lodged a FIR and initiated a recovery bounty program that promises a reward of 10% of the total amount stolen.

Only $3 million of the entire lost funds have been recovered by WazirX to date, and South Korean, Japanese, and US authorities blamed state-sponsored North Korean hackers for the hack.