- A CoinDCX software engineer, Rahul Agarwal, has been arrested after hackers exploited his work laptop credentials to steal $44 million from the crypto exchange.
- While Agarwal denies direct involvement, his unauthorized freelance work and access to sensitive systems have raised major concerns about insider threats and operational security within crypto firms.
A dramatic turn of events has unfolded in India’s crypto space as a CoinDCX employee has been arrested in connection with a massive $44 million hack on the exchange. Rahul Agarwal, a 30-year-old software engineer working with CoinDCX, was taken into custody by Bengaluru City police following an internal probe by the platform’s operator, Neblio Technologies.
The breach occurred during the early hours of July 19, when hackers exploited Agarwal’s work laptop credentials to infiltrate CoinDCX’s internal systems. The attackers initially transferred a small amount of USDT to a wallet as a test, before siphoning off $44 million worth of digital assets across six wallets in a coordinated exploit.
Security Lapses and a Sophisticated Attack
Neblio’s investigation revealed that Agarwal’s credentials had been compromised through his official work-issued laptop. Although Agarwal denied any direct involvement in the theft, he did admit to working part-time for up to four private clients while employed at CoinDCX, raising serious concerns about unauthorized access to sensitive systems.
The exchange’s leadership believes this may have been the result of a “sophisticated social engineering attack.” CoinDCX CEO Sumit Gupta addressed the matter in a post on X, stating that the team is actively investigating the breach and is unable to comment further due to the ongoing nature of the case.
Gupta urged the public and media to avoid speculation.
This appears to be a targeted attack that exploited an employee. We ask for patience as the investigation proceeds,
Gupta said.
Company Urges Caution Amid Investigation
CoinDCX has refrained from commenting directly on Agarwal’s arrest but reiterated through a spokesperson that sharing unverified information could jeopardize ongoing efforts to resolve the situation. The exchange is reportedly working with law enforcement and cybersecurity experts to trace the stolen funds and identify the perpetrators behind the hack.
Bengaluru police, citing Hardeep Singh, Neblio’s vice president for public policy, confirmed that Agarwal was a permanent staff member with access to the company’s internal systems via a designated laptop.
A LinkedIn profile believed to belong to Agarwal indicates he had been with CoinDCX for more than two years, specializing in DevOps engineering. His arrest has raised broader concerns about insider vulnerabilities and the risks of remote work setups in crypto firms.
As investigations continue, CoinDCX and its partners are focused on strengthening security infrastructure and rebuilding user trust in the wake of one of the largest crypto exchange heists of the year.
