
Software engineer held in connection with $44 million CoinDCX crypto hack
01 Aug 2025, 02:47 PM
In its internal probe, CoinDCX found that cybercriminals had gained unauthorized access to the exchange's systems using an employee's workplace login credentials.
Team Head&Tale
In the aftermath of CoinDCX’s $44 million (Rs 378 crore) cryptocurrency hack, Bengaluru Police have arrested a software engineer linked to a sophisticated cyberattack that led to the theft of millions in digital assets.
According to a TOI report, the arrest was made after a complaint by Neblio Technologies, which runs the crypto trading platform CoinDCX.
The detained individual, identified as 30-year-old Rahul Agarwal, was employed as a software engineer at CoinDCX when the security incident occurred. He was taken into custody after investigators determined that cybercriminals had gained unauthorized access to the exchange's systems using his workplace login credentials.
"Agarwal came under the scanner after the company found out that an unknown person has hacked into the system at 2.37 am on July 19 and transferred one USDT to a wallet. Around 9.40 am, the hacker siphoned off $44 million and transferred it to six wallets," Times of India quoted the Bengaluru police as saying.
The company, in its internal investigations, discovered that only Agarwal's office laptop security credentials had been compromised, providing the attackers with a pathway into CoinDCX's server infrastructure.
During the interrogation, however, the engineer maintained his innocence regarding the theft but acknowledged engaging in unauthorized freelance work for multiple external clients. He admitted to "moonlighting" activities involving three to four separate private parties, though he claimed to have limited knowledge about these clients' identities or backgrounds.
On micro-blogging platform X, CoinDCX founder Sumit Gupta said, "....based on our internal preliminary findings, this appears to be a sophisticated social engineering attack. Naturally, in these attacks, employees of a company are targeted to gain unlawful access to internal systems of an organisation. We understand, at this point, the law enforcement agencies are investigating the matter to track and trace the hackers responsible for the attack."
Indian crypto exchange CoinDCX confirmed on July 20 that it was hit by a "sophisticated server breach", resulting in the loss of approximately $44 million. On July 19, attackers compromised a hot wallet after gaining server-level access to the internal account, which was used for operational liquidity provisioning.
This security breach adds to growing concerns about cryptocurrency platform safety in India, following last year's WazirX incident where $234 million in digital assets were stolen - a case that remains unresolved. These incidents highlight the ongoing vulnerability of cryptocurrency exchanges to sophisticated cyber attacks and the challenges in recovering stolen digital assets.