CoinDCX Engineer Arrested Over $44M Crypto Theft via Compromised Credentials

Generated by AI Agent Coin World
Thursday, Jul 31, 2025 6:32 am ET
Aime Summary

- A CoinDCX engineer was arrested for allegedly enabling a $44M crypto theft via compromised credentials and malware.

- Hackers exploited his work laptop and freelance activities to access internal servers, siphoning funds to six wallets.

- The breach highlights risks of insider threats and lax security in crypto exchanges, prompting calls for stricter access controls.

- CoinDCX emphasized no user funds were lost, but CEO warned of sophisticated social engineering attacks targeting employee accounts.

A CoinDCX software engineer, Rahul Agarwal, was arrested by Bengaluru City police in India over his alleged involvement in a $44 million cryptocurrency theft, according to multiple local reports. The breach occurred in mid-July 2025 when hackers allegedly compromised Agarwal’s work laptop and login credentials to gain unauthorized access to the exchange’s servers [1][2]. The incident was uncovered after an unknown individual transferred 1 USDT to a wallet on the night of July 19, followed by the large-scale siphoning of funds to six separate wallets [1].

Agarwal, a 30-year-old permanent employee of CoinDCX, had been working in the DevOps domain for over two years. He was promoted to the role of staff engineer in April 2025 [1]. According to police reports cited by The Times of India, the employee was found to have used his office laptop for part-time freelance work for up to four private clients, a move that may have facilitated the breach [2]. Authorities claimed hackers tricked him into installing malware on the company-issued device [1].

The exchange’s parent company, Neblio Technologies, launched an internal investigation following the breach and filed a formal complaint with police [1]. Agarwal denied involvement in the theft during questioning but admitted to his freelance activities. CoinDCX CEO Sumit Gupta stated on X that the incident appeared to be a “sophisticated social engineering attack” and emphasized that employee accounts are frequently targeted in such cases [1]. He also urged the public to avoid spreading unverified information to prevent interference with the ongoing investigation [1].

CoinDCX has not publicly commented on the arrest, citing the need to maintain focus on the investigation. The exchange also noted that the breach did not impact user funds, as the compromised account was related to internal liquidity provisions rather than customer assets [1]. The arrest comes amid heightened scrutiny of internal security practices in the cryptocurrency sector, particularly concerning access controls and employee conduct [2].

The incident raises questions about the adequacy of internal safeguards at crypto exchanges, especially when it comes to the use of company equipment and the potential risks posed by side activities. While Agarwal’s arrest represents a step toward accountability, it also highlights the growing challenge of insider threats in the digital finance industry [1][2].

Source:

[1] Cointelegraph – [https://cointelegraph.com/news/coindcx-hack-employee-arrested-44m-crypto-theft](https://cointelegraph.com/news/coindcx-hack-employee-arrested-44m-crypto-theft)

[2] The Times of India – [https://www.tradingview.com/news/cointelegraph:edd5d89a4094b:0-coindcx-employee-arrested-in-connection-with-44m-crypto-hack-report/](https://www.tradingview.com/news/cointelegraph:edd5d89a4094b:0-coindcx-employee-arrested-in-connection-with-44m-crypto-hack-report/)
