BREAKING: CoinDCX Engineer Nabbed in $44M Crypto Heist—Inside the Exploit That Shook the Industry
Another day, another crypto hack—except this one had an inside job twist. Indian exchange CoinDCX just confirmed the arrest of a software engineer linked to a $44 million security breach. Was it greed, a flaw in the system, or just another Tuesday in DeFi?
How the Heist Unfolded
Details are still murky, but sources say the engineer exploited backend vulnerabilities to siphon funds. The attack targeted hot wallets—because why bother with hard-to-reach cold storage when you’ve got an accomplice with admin rights?
The Fallout
CoinDCX insists user funds are ‘safe’ (after the $44 million leak, of course). Meanwhile, the broader crypto community shrugs—another hack, another ‘we’ll do better’ press release. Remember when ‘trustless’ meant no intermediaries, not ‘trust us, we’ll fix it post-theft’?
Finance’s Ironic Punchline
Banks get robbed by guys in ski masks. Crypto gets robbed by guys in hoodies… typing in their bedrooms. Progress?
Details on What Happened
A local Indian news outlet, The Times of India, shared the story about Rahul Agarwal, a staff member of the CoinDCX exchange, whose login information was compromised. He has been taken into custody by Bengaluru authorities, reportedly linked to a ₹379-crore ($44 million) exploit of funds.
The alarm was raised following a complaint by Nebilo Technologies, the company that runs the exchange. Their Vice President for public policy, Hardeep Singh, stated the following:
“Rahul had a permanent role within the company, and he was provided with a laptop strictly for work. Our investigation began after we discovered that an unknown person had gained unauthorized access to our systems on July 19th, around 2:30 am, by transferring 1 USDT to an external wallet. Several hours later, around 9:30 a.m., the $44 million was siphoned off and distributed among six wallets.
During his questioning by the police, Agarwal maintained his innocent stance, claiming he knew nothing about the hack. However, he did admit to “moonlighting” (working a second job outside regular business hours) with three to four private parties, without thoroughly vetting them.
It’s further noted that the accused received ₹15 lakh (~$17,000) in his personal bank account from an unknown source. The Bengaluru police also point out that Agarwal claimed to have received a phone call from a German phone number, stating he “had a few files to complete.”
He believes one of those files was fitted with malware, which granted the attackers access to CoinDCX’s internal systems, and he remained adamant that he was unaware of what was happening until the company summoned him.
The exchange’s founder and CEO, Sumit Gupta, shared the bitter news of the attack on X, calling it a “sophisticated social engineering attack,” but without being able to disclose any further information on what had transpired.
Some media reports have surfaced referencing the FIR we filed with the Karnataka Police regarding the security incident that impacted our platform.
As this is an ongoing investigation, we unfortunately cannot engage with the media or public on this issue. We want to ensure the…
— Sumit Gupta (CoinDCX) (@smtgpt) July 31, 2025
Hefty Losses
Unfortunately, the attacks on crypto exchanges are on the rise, increasing in complexity, and the damage to their coffers is significant.
The most notable example is the hack on Bybit in February, which resulted in a $1.5 billion loss, linked to the North Korean Lazarus Group.
Overall, 2025 has seen enormous amounts of funds stolen, topping records from previous years only during the first half of the year.
These incidents serve as an example of how geopolitical tensions, cybersecurity vulnerabilities, and sophisticated adversaries continue to pose a significant risk to even well-established cryptocurrency platforms.
