CoinDCX Employee Arrested After $44M Hack

The Indian crypto space was shaken this July when CoinDCX, one of the country’s top cryptocurrency exchanges, experienced a significant security breach. A staggering $44 million was stolen from the platform, and now, an employee has been arrested in connection with the incident.

CoinDCX Hack Linked to Employee Credentials

On July 19, suspicious activity involving USDT was detected on the exchange. Following a test transfer, hackers siphoned approximately ₹379 crore ($44 million) across six crypto wallets. Rahul Agarwal, a software engineer at CoinDCX, has been arrested in connection with the hack.

Investigations revealed that Agarwal’s work-issued laptop was compromised, giving hackers direct access to internal systems. CoinDCX’s parent company, Neblio Technologies, discovered the breach, leading to Agarwal’s arrest.

The “Social Engineering Attack”

CoinDCX co-founder and CEO Sumit Gupta described the hack as a “social engineering attack,” in which hackers tricked Agarwal into giving access to confidential information. It is believed that Agarwal was persuaded to open files or click links that installed malware on his work laptop, giving the hackers access to his credentials.

Freelance Work Raises More Suspicions

Further investigations revealed that Agarwal received ₹15 lakh ($17,000) from unknown sources. He admitted to receiving files from overseas “clients” via WhatsApp and foreign phone numbers. Experts suspect one of these files contained a Trojan, granting full access to CoinDCX’s systems.

On-chain investigator ZachXBT criticized CoinDCX's delayed response, noting the company waited 17 hours to publicly acknowledge the hack after suspicious wallet activity was detected.

Police Begin Unraveling the Hack

Following a complaint by Neblio Technologies, the Bengaluru Police Cyber Crime Division detained Agarwal on July 26. He remains a prime suspect due to his level of access within the company. Authorities believe the attackers used the infected device to access CoinDCX’s internal accounts, initially compromising an account used for liquidity provision.

CoinDCX Offers $11 Million Recovery Bounty

In response to the breach, CoinDCX launched a “Recovery Bounty Programme,” offering 25% of any recovered funds, potentially totaling $11 million. CoinDCX confirmed that no customer funds were affected, as the breach targeted internal corporate wallets.
