CoinDCX Engineer Arrested After $44M Crypto Heist via Compromised Credentials

Generated by AI AgentCoin World
Thursday, Jul 31, 2025 3:24 am ET1min read
Aime RobotAime Summary

- Rahul Agarwal, a CoinDCX engineer, was arrested for leaking credentials leading to a $44M crypto theft.

- CoinDCX’s parent company pledged to cover the loss from reserves, distinguishing it from the 2024 WazirX breach.

- Security experts highlight the incident as a warning about endpoint vulnerabilities and employee access controls in crypto firms.

- The case, one of India’s largest crypto heists, sparks debates on centralized exchange reliability and legal implications.

Rahul Agarwal, a software engineer at Bengaluru-based cryptocurrency exchange CoinDCX, was arrested on July 26, 2025, in connection with the theft of $44 million in digital assets. The breach occurred when hackers compromised Agarwal’s login credentials, enabling them to access internal systems and siphon off the funds to six crypto wallets on July 19 [1]. The stolen assets were drawn from an internal liquidity account rather than user funds, a distinction that has helped prevent widespread panic among customers [2].

CoinDCX’s parent company, Neblio Technologies, confirmed the breach and pledged to cover the $44 million loss from its reserves, a rare but notable response in the crypto industry. The company’s decision to absorb the financial impact contrasts with the WazirX breach in 2024, where user assets were directly affected [2]. An internal investigation revealed that Agarwal’s bank account held a Rs 15 lakh deposit of unknown origin. He claimed the funds came from freelance work but has not yet been cleared of involvement in the credential compromise.

Security experts have pointed to the incident as a stark reminder of the vulnerabilities in endpoint security within the crypto sector. A 2023 NIST study highlighted the increasing risks of credential theft in financial systems, a warning that appears to have gone unheeded in this case [2]. Forensic analysis of Agarwal’s laptop is ongoing to determine the precise method of the breach and to trace the hackers’ entry point into the system [1]. The theft is being described as one of the largest in India’s crypto industry and has sparked renewed debates about the reliability of centralized exchanges [1].

The breach also raises broader concerns about employee training and access control policies within crypto firms, especially as the sector continues to grow. While CoinDCX has announced a comprehensive review of its security protocols, the incident underscores the urgent need for stronger safeguards and greater transparency in the handling of digital assets [1].

Law enforcement is continuing to investigate whether other parties were involved in the theft and whether similar methods were used to compromise other platforms. The case is being closely watched for its potential legal and operational implications, particularly as CoinDCX remains one of India’s largest crypto exchanges [2].

Source:

[1] NDTV - Latest News, Photos, Videos on Arrest (https://www.ndtv.com/topic/arrest)

[2] NDTV - Latest News, Photos, Videos on Moves (https://www.ndtv.com/topic/moves)

Comments



Add a public comment...
No comments

No comments yet