Global Blockchain, Local Battles: Why India Needs Shield With Local Touch

When news broke in July this year that hackers had stolen $44 million (around Rs 378 crore) from CoinDCX, one of India’s biggest crypto exchanges, it set off alarm bells.

Even though customer funds were safe in cold wallets and the company promised to cover the loss from its reserves, the incident was unsettling.

A logical question on everyone’s mind was: how can an exchange using blockchain be hacked? Isn’t blockchain the most secure tech there is, and also unhackable, so to speak?

We’ll answer that question in a bit. But before that, let’s first understand what exactly happened with CoinDCX:

The hackers targeted an operational wallet used by the exchange to provide liquidity necessary to ensure users can transact smoothly.

Once inside, the hackers didn’t waste time. They promptly shifted the funds across various blockchains and used clever laundering tricks to cover their tracks so that nobody could figure out where the money came from or where it went.

Et Tu, Blockchain?

At this stage, it’s important to clear up a misunderstanding: the blockchain itself wasn’t hacked in this case; the attackers actually went after the backend that links the CoinDCX platform to the blockchain.

In other words, the burglars couldn’t get to the vault, but they managed to slip into the room where it was kept. How they managed to access it is not known yet. But the best guess is that they exploited some vulnerabilities in the backend.

In the case of CoinDCX, the money was swiftly laundered and is now untraceable.

There were many such cases in Asia this year. In fact, in the first half of 2025 alone, crypto scams and hacks across the continent cost investors more than $1.5 billion — already more than the total losses for all of last year.

According to some experts, the numbers are going up with every passing day because the tools and tech available to combat these threats are West-centric, and not as effective in this part of the world.

Why India Needs Local Solutions

The truth is that most anti-money-laundering rules were built for banks, not blockchains, and certainly not with India’s fast-growing crypto market in mind.

They’re based on how money moves in the West — through ‘mixers’, ‘tumblers’, or shady centralised exchanges. Basically, these are hacker stuff, used by fraudsters there to make it harder to trace where the money originally came from.

But in Asia, the methods to steal are different because the way money moves here is somewhat different, said Slava Demchuk, co-founder and CEO of AMLBot, a company that provides anti-money laundering compliance solutions for businesses.

In Thailand, for example, unlicensed OTC desks are common. Here, big crypto trades happen directly between buyers and sellers, instead of on a public exchange like Binance or CoinDCX. They’ll swap your cash for crypto (or vice versa) without asking for your ID or maintaining any records. Totally off the grid.

In the Philippines, criminals exploit mobile wallets. These are like normal digital wallets with one USP: Once funds are in the wallet system, they can be converted into crypto or sent abroad, often without raising alarms.

In India, peer-to-peer transfers often serve as a cover for laundering. For example, you want to buy Bitcoin, I want to sell. We meet on a P2P platform, agree on a price, and you transfer money to my bank account while I send you crypto.

Western-designed tools don’t see these patterns as threats. That’s why India needs regional risk libraries, which is a fancy name for local databases that flag the unique laundering routes, shady wallets, and recurring scams specific to our market.

With that intelligence built in, blockchain analytics can catch suspicious activity before funds vanish into decentralised exchanges.

Final Words

The CoinDCX burglary showed us that trust, once shaken, may be hard to rebuild. It also brought to our attention that the tools to prevent such incidents already exist.

Technology, however, is only part of the answer. What the CoinDCX case really brings out is the importance of speed when it comes to acting when a breach occurs.

By the time an exchange even realises there has been a breach, the stolen money has usually gone through dozens of wallets, making it almost impossible to find out its origin.

The only way to stop that, said Demchuk, is with real teamwork involving exchanges and law enforcement all working together. It’s a system where unusual wallet activity is flagged instantly and regulators have the authority to act on it in real time.

In Thailand and Malaysia, this approach has already delivered results: funds were frozen within hours instead of weeks.

India’s crypto story is still being written, and such hacks and scams that could erode trust before the market has matured.

Blockchain sure makes things secure. But to use it more effectively, we need some customised solutions built on local intelligence.

This series is brought to you in partnership with Algorand.