CoinDCX Loses $44M in Social Engineering Hack via Employee Account

Generated by AI Agent Coin World
Thursday, Jul 31, 2025 9:06 pm ET, 1 min read

Aime Summary

- Indian crypto exchange CoinDCX lost $44M in 2025 via a social engineering attack exploiting a compromised employee account.

- Senior engineer Rahul Agarwal was arrested after hackers used malware and fake job offers to access internal systems through his work device.

- CEO Sumit Gupta called it a "textbook social engineering case," highlighting vulnerabilities in employee access controls and human error.

- The breach triggered regulatory scrutiny, declining user trust, and industry calls for stronger cybersecurity measures amid similar attacks like BigONE's $27M theft.

In late July 2025, India-based cryptocurrency exchange CoinDCX suffered a $44 million cyberattack, which investigators attributed to a compromised employee account. Rahul Agarwal, a senior software engineer at the company, was arrested after authorities alleged that hackers used social engineering tactics and malware installed on his work laptop to access internal systems and siphon off the stolen assets [1]. The breach was facilitated not through direct theft of company property, but by manipulating employee access rights [2].

CoinDCX’s CEO, Sumit Gupta, confirmed the breach in an official statement, describing it as a textbook case of social engineering. He noted that attackers exploited an internal employee through a fake job offer, which led to the installation of malicious software and the eventual theft [3]. Agarwal reportedly denied direct involvement in the theft but admitted to engaging in freelance projects while employed at CoinDCX, a practice that may have increased his exposure to external risks [4].

The incident has raised broader concerns about security vulnerabilities in the cryptocurrency sector. CoinDCX’s parent company, Neblio Technologies, launched an internal investigation, which led to Agarwal’s arrest. A company-issued device, meant for work-only use, was seized by police for further examination. The investigation revealed that the hackers did not need to physically obtain the device; instead, they used sophisticated tactics to manipulate access from a remote location [5].

The breach significantly impacted CoinDCX’s market position and user trust, with immediate declines in trading volume and confidence. Analysts predict that such incidents will lead to tighter regulatory oversight and greater internal security measures across the industry [6]. This follows similar patterns in past breaches, where regulatory scrutiny and technological adaptations were often the long-term outcomes.

The crypto sector is increasingly facing challenges related to cyber threats that exploit human error and weak access controls. Just weeks before the CoinDCX breach, another major exchange, BigONE, reported a $27 million theft from one of its hot wallets, reinforcing the urgency for stronger safeguards [1].

Sources:

[1] AInvest, [https://www.ainvest.com/news/coindcx-hit-44m-social-engineering-hack-staff-engineer-breach-2508/](https://www.ainvest.com/news/coindcx-hit-44m-social-engineering-hack-staff-engineer-breach-2508/)

[2] BitDegree, [https://www.bitdegree.org/crypto/news/software-engineer-arrested-after-hackers-loot-44-million-from-coindcx](https://www.bitdegree.org/crypto/news/software-engineer-arrested-after-hackers-loot-44-million-from-coindcx)

[3] AInvest, [https://www.ainvest.com/news/coindcx-investigates-44-million-breach-staff-engineer-compromised-credentials-2507/](https://www.ainvest.com/news/coindcx-investigates-44-million-breach-staff-engineer-compromised-credentials-2507/)

[6] CCN.com, [https://www.ccn.com/education/crypto/](https://www.ccn.com/education/crypto/)
