Vindax

On November 5, 2019, VinDAX, a Vietnam-based cryptocurrency exchange specializing in small-cap token sales, was thrust into the spotlight for all the wrong reasons when hackers siphoned off $500,000 in digital assets across 23 cryptocurrencies. Launched in March 2019, the platform, serving 390000 monthly visitors primarily from India, per SimilarWeb, was the seventh exchange hacked that year, contributing to a staggering $1.39 billion in global crypto losses, as reported by The Block and Lexology. The breach, confirmed via VinDAX’s Telegram by admin @VinDAXSupport, likely stemmed from a credential stuffing attack exploiting reused passwords from prior data breaches, a method highlighted by UEEx Technology, though the exchange’s scant disclosure on security measures fueled speculation of deeper vulnerabilities.

VinDAX claimed a full recovery without specifics, a statement met with skepticism on Reddit, where users like u/CryptoHodlerX flagged the platform’s high withdrawal fees and unresponsive support as red flags. In a controversial move, VinDAX emailed affected token projects, requesting 30% to 100% of stolen amounts to cover user withdrawals, a tactic criticized on Twitter by @NakamotoJedi as desperate. With no reported fund recoveries or arrests in 2019’s lax regulatory environment, the hack, following Bitpoint’s $32 million loss, eroded trust in smaller exchanges. The incident sparked calls for mandatory two-factor authentication, robust password policies, and transparent security audits to shield the crypto ecosystem from escalating cyber threats.