Lazarus Group Linked to $44 Million CoinDCX Heist: Cyberattack Details Unveiled

A cyberattack on the Indian cryptocurrency exchange CoinDCX, resulting in a $44.2 million loss, has been linked to the North Korean hacking group Lazarus Group. This information was reported by CryptoSlate, citing Cyvers CEO Deddy Lavid.

The expert pointed out that the attackers employed a strategy similar to that used in previous operations conducted by North Korean hackers. A notable aspect of their approach includes the use of the cryptocurrency mixer Tornado Cash and cross-chain bridges to obscure the flow of funds.

On July 19, CoinDCX reported a compromise of an internal account used to provide liquidity on an external platform.

Lavid speculated that the perpetrators gained access to the backend through exposed API keys, incorrect system configurations, or vulnerabilities in credential permissions. Once inside the system, they exploited legitimate account privileges to transfer assets from Solana to Ethereum, subsequently laundering the funds through Tornado Cash.

The sophistication of the attack and the hackers’ thorough understanding of liquidity mechanisms on centralized crypto platforms are indicative of experienced and well-coordinated cybercriminals, according to Lavid.

CoinDCX co-founder Sumit Gupta confirmed that user assets were not affected during the breach and that the company has already covered the entire loss from its own reserves.

The exchange has launched a bounty program, offering a reward of 25% of any recovered amounts. The team is seeking assistance not only in tracking the assets but also in identifying those responsible for the attack.

“It is crucial for us not only to recover the stolen funds but also to identify and apprehend the culprits, as incidents like these should not happen again to us or anyone else in the industry,” Gupta emphasized.

It’s worth noting that the recent historic hack of Bybit in February, amounting to approximately $1.5 billion, was also attributed to Lazarus. The experts’ findings in that case were confirmed by the FBI.