- The Coinbase hacker who stole $300M is back, now buying millions in ETH as prices rise, signaling a bold return to the market.
- Crypto hackers continue using Tornado Cash and bridges to move funds, exposing weak points in current exchange security systems.
- CoinDCX lost $44M in a server breach but vows to cover the loss, showing the growing pressure on platforms to boost protections.
As reported by Lookonchain, a hacker who previously stole over $300 million from Coinbase users has resurfaced. Just hours ago, the attacker purchased 649.62 ETH worth $2.31 million at $3,561. Ethereum’s price now stands at $3,711, up 4.07% in 24 hours.
The attacker initially infiltrated Coinbase by bribing a customer support staffer, affecting 97,000 users. They used THORChain to convert 26,347 ETH into $68.18 million in DAI, complicating the recovery process.
Meanwhile, CoinDCX has confirmed a separate breach involving $44 million. Blockchain investigator ZachXBT first spotted the hack nearly 17 hours after it happened. The attacker moved the funds from Solana to Ethereum after seeding their wallet with 1 ETH via Tornado Cash. CoinDCX CEO Sumit Gupta called it a “sophisticated server breach” that compromised an internal liquidity provisioning account.
CoinDCX Acts Fast to Contain the Fallout
Additionally, Gupta confirmed that customer funds remained untouched. He stressed that all user wallets are secure and unaffected by the breach. CoinDCX plans to cover all stolen funds using its own treasury reserves. Moreover, the company is working with its exchange partner to freeze and recover stolen assets. Gupta also announced plans to launch a bug bounty program soon.
This hack comes one year after the high-profile WazirX breach, which derailed its restructuring plans. That incident was eventually tied to the North Korea-linked Lazarus Group. However, no group has claimed responsibility for the CoinDCX attack so far.
Hackers Signal Broader Crypto Security Crisis
Besides these two incidents, the repeated use of Tornado Cash and cross-chain bridges raises new alarm bells. The Coinbase hacker seems to be positioning for future gains, accumulating ETH amid market momentum.
CoinDCX, founded in 2018, became a unicorn in 2021. It later acquired Dubai-based BitOasis in July 2024. Consequently, this breach may slow its expansion and trigger tighter security controls. These incidents highlight the urgent need for stronger internal systems and better response coordination across the crypto sector.
