Crypto Hack Losses Jump 27% in July to $142M, Led by CoinDCX and GMX
Crypto hack losses jumped 27.2% to $142 million in July 2025, up from $111.6 million in June, as seventeen major security breaches targeted exchanges and DeFi protocols, according to PeckShield data.
Indian exchange CoinDCX suffered the month’s largest attack at $44.2 million through insider involvement, while GMX lost $42 million in a re-entrancy exploit before recovering funds through a white-hat agreement.
CoinDCX Breach Exposes Insider Threat Through Employee Compromise
The CoinDCX attack on July 19 resulted from compromised login credentials belonging to software engineer Rahul Agarwal, who was arrested on suspicion of involvement in the $44 million theft.
Police investigations revealed that Agarwal used his company laptop for freelance work, receiving a WhatsApp call from Germany about a file completion that likely contained malicious code.
The breach occurred at 2:37 AM when an unknown person accessed the system and transferred 1 USDT to test the connection.
— Cryptonews.com (@cryptonews) July 31, 2025
A CoinDCX employee was found using the company laptop for freelance jobs, which led hackers to exploit login credentials to siphon $44 million in crypto.#CoinDCX #CryptoHack #IndianCryptoExchangehttps://t.co/0EivOLdqEJ
At 9:40 AM, hackers siphoned $44 million and distributed funds across six wallets, according to police statements from Neblio Technologies vice-president Hardeep Singh.
Cybersecurity experts from Cyvers linked the exploit to North Korea’s Lazarus Group, noting similarities to the $234 million WazirX hack in 2024.
The attack pattern involved systematic fund extraction and immediate distribution to multiple addresses to complicate recovery efforts.
Agarwal admitted during interrogation that he received approximately $17,131 in his bank account from unknown sources over the past year, claiming the payments came from part-time work.
The incident coincided with acquisition rumors involving Coinbase, which CoinDCX CEO Sumit Gupta later denied.
GMX Recovers $40.5M After Re-Entrancy Vulnerability Exploitation
GMX suffered a $42 million exploit on July 9 through a re-entrancy vulnerability in its V1 contracts that bypassed the nonReentrant modifier.
The attacker manipulated BTC average short prices through the Vault contract, artificially inflating GLP token values before redeeming them for profit using flash loans.
The exploiter agreed to a white-hat deal, returning approximately $40.5 million, including 10,000 ETH and 10.5 million FRAX tokens, while keeping a $5 million bounty.
However, the remaining $32 million was converted to 11,700 ETH, generating an additional $3 million profit due to Ethereum price appreciation.
GMX paused trading on Avalanche and disabled GLP minting on Arbitrum pending user reimbursement procedures.
— Cryptonews.com (@cryptonews) July 11, 2025
The GMX exploiter agrees to return $42M in stolen assets for a $5M white-hat bounty, per @lookonchain
#GMX #DeFihttps://t.co/RXjQ9IiH7k
The protocol confirmed that V1 positions would be wound down and migrated to a reimbursement pool, while warning all V1 forks to implement immediate security fixes.
Other significant July breaches included BigONE exchange losing $28 million through supply chain compromise, WOO X suffering $12 million in losses from a targeted phishing attack, and Future Protocol losing $4.2 million.
BigONE’s production network was compromised when attackers modified server logic for account operations and risk controls.
The July surge continues 2025’s devastating security trend, with crypto investors losing over $2.2 billion in the first half through 344 incidents.
Wallet-related breaches accounted for $1.7 billion across 34 attacks, while phishing attacks stole $410 million in 132 separate incidents.
— Cryptonews.com (@cryptonews) June 30, 2025
Crypto investors have lost $2.2B to hacks and scams in H1 2025, with $187M recovered as threats shift, reports @CertiK.#CryptoSecurity #Cryptohacks https://t.co/5KCaVsYnbg
Physical violence against crypto holders escalated alongside digital attacks, with 32 “wrench attacks” reported globally in 2025, putting the year on pace to exceed 2021’s record of 36 violent incidents.
Nearly one-third occurred in France, where attackers increasingly target family members of cryptocurrency holders.
The average loss per incident reached $7.1 million with a median of $90,000, while recovery efforts returned $187 million through law enforcement, white-hat arrangements, and exchange cooperation.
Despite partial recoveries, net losses for 2025’s first half totaled approximately $2.29 billion, already exceeding all of 2024’s crypto security losses.
The post Crypto Hack Losses Jump 27% in July to $142M, Led by CoinDCX and GMX appeared first on Cryptonews.
Read More
CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials
SEC Chair Urges Crypto ‘Reshoring’ as Firms Return to US Amid Policy Shift
Crypto Hack Losses Jump 27% in July to $142M, Led by CoinDCX and GMX
Crypto hack losses jumped 27.2% to $142 million in July 2025, up from $111.6 million in June, as seventeen major security breaches targeted exchanges and DeFi protocols, according to PeckShield data.
Indian exchange CoinDCX suffered the month’s largest attack at $44.2 million through insider involvement, while GMX lost $42 million in a re-entrancy exploit before recovering funds through a white-hat agreement.
CoinDCX Breach Exposes Insider Threat Through Employee Compromise
The CoinDCX attack on July 19 resulted from compromised login credentials belonging to software engineer Rahul Agarwal, who was arrested on suspicion of involvement in the $44 million theft.
Police investigations revealed that Agarwal used his company laptop for freelance work, receiving a WhatsApp call from Germany about a file completion that likely contained malicious code.
The breach occurred at 2:37 AM when an unknown person accessed the system and transferred 1 USDT to test the connection.
— Cryptonews.com (@cryptonews) July 31, 2025
At 9:40 AM, hackers siphoned $44 million and distributed funds across six wallets, according to police statements from Neblio Technologies vice-president Hardeep Singh.
Cybersecurity experts from Cyvers linked the exploit to North Korea’s Lazarus Group, noting similarities to the $234 million WazirX hack in 2024.
The attack pattern involved systematic fund extraction and immediate distribution to multiple addresses to complicate recovery efforts.
Agarwal admitted during interrogation that he received approximately $17,131 in his bank account from unknown sources over the past year, claiming the payments came from part-time work.
The incident coincided with acquisition rumors involving Coinbase, which CoinDCX CEO Sumit Gupta later denied.
GMX Recovers $40.5M After Re-Entrancy Vulnerability Exploitation
GMX suffered a $42 million exploit on July 9 through a re-entrancy vulnerability in its V1 contracts that bypassed the nonReentrant modifier.
The attacker manipulated BTC average short prices through the Vault contract, artificially inflating GLP token values before redeeming them for profit using flash loans.
The exploiter agreed to a white-hat deal, returning approximately $40.5 million, including 10,000 ETH and 10.5 million FRAX tokens, while keeping a $5 million bounty.
However, the remaining $32 million was converted to 11,700 ETH, generating an additional $3 million profit due to Ethereum price appreciation.
GMX paused trading on Avalanche and disabled GLP minting on Arbitrum pending user reimbursement procedures.
— Cryptonews.com (@cryptonews) July 11, 2025
#GMX #DeFihttps://t.co/RXjQ9IiH7k
The protocol confirmed that V1 positions would be wound down and migrated to a reimbursement pool, while warning all V1 forks to implement immediate security fixes.
Other significant July breaches included BigONE exchange losing $28 million through supply chain compromise, WOO X suffering $12 million in losses from a targeted phishing attack, and Future Protocol losing $4.2 million.
BigONE’s production network was compromised when attackers modified server logic for account operations and risk controls.
The July surge continues 2025’s devastating security trend, with crypto investors losing over $2.2 billion in the first half through 344 incidents.
Wallet-related breaches accounted for $1.7 billion across 34 attacks, while phishing attacks stole $410 million in 132 separate incidents.
— Cryptonews.com (@cryptonews) June 30, 2025
Physical violence against crypto holders escalated alongside digital attacks, with 32 “wrench attacks” reported globally in 2025, putting the year on pace to exceed 2021’s record of 36 violent incidents.
Nearly one-third occurred in France, where attackers increasingly target family members of cryptocurrency holders.
The average loss per incident reached $7.1 million with a median of $90,000, while recovery efforts returned $187 million through law enforcement, white-hat arrangements, and exchange cooperation.
Despite partial recoveries, net losses for 2025’s first half totaled approximately $2.29 billion, already exceeding all of 2024’s crypto security losses.
The post Crypto Hack Losses Jump 27% in July to $142M, Led by CoinDCX and GMX appeared first on Cryptonews.
Read More
CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials