CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials
In an interesting twist to the massive hack of Indian crypto exchange CoinDCX, police have found evidence of possible insider involvement. An employee was arrested on suspicion of involvement in the fraud.
Per local reports, hackers exploited login credentials of a CoinDCX tech employee to siphon $44 million in crypto. The employee, Rahul Agarwal, works as a software engineer for the exchange.
The arrest comes after CoinDCX’s parent firm, Neblio Technologies, lodged a formal complaint over hackers exploiting Agarwal’s login credentials.
CoinDCX suffered a major security breach on July 19 that compromised an internal account used to provide liquidity to customers.
— Cryptonews.com (@cryptonews) July 20, 2025
Indian crypto exchange @CoinDCX has confirmed a major security breach that resulted in the loss of $44 million.#India #Hackhttps://t.co/89JyvTXlxk
As reported earlier, cybersecurity experts from Cyvers found that the exploit is linked to the infamous North Korean Lazarus Group. They said that the hack pattern mirrors another Indian crypto exchange WazirX’s $234 million crypto hack last year.
CoinDCX Employee Received Call From Germany, Worked Part-Time
According to Hardeep Singh, Neblio vice-president for public policy, Agarwal was a permanent employee of the company. Further, he was found using the company laptop for freelance jobs.
“He came under the scanner after the company found out that an unknown person had hacked into the system at 2.37 am on July 19 and transferred 1 USDT to a wallet,” a police statement said, quoting Hardeep Singh. “Around 9.40 am, the hacker siphoned off $44 million and transferred it to six wallets.”
The company’s internal investigations later revealed that Agarwal’s laptop was compromised, allowing the hacker to access CoinDCX’s server.
Further, during police interrogation, the employee admitted to moonlighting, taking up private jobs using the company laptop. Agarwal also noted that he received a WhatsApp call from Germany stating that a few files had been sent to him for completion.
“He said one of the files could have been a bait and the hacker could have entered into his official system,” police said in a statement. “He maintained he was not aware of the theft till his company summoned him.”
A case has been registered under various sections of the Indian Information Technology Act.
Hackers Transferred $17K to Techie
Additionally, per investigations, the techie had received around $17,131 into his bank account from an unknown source, raising questions.
The police First Information Report (FIR) stated that Agarwal claimed to have received the amount through his part-time job over the past year.
The news arrives a day after rumors erupted over US crypto exchange giant Coinbase acquiring CoinDCX. A local report revealed that the deal would appraise CoinDCX at below $900 million.
Later, CoinDCX CEO Sumit Gupta called the Coinbase acquisition “rumours,” adding that CoinDCX is “super focused” on building for India’s crypto story and not up for sale.
The post CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials appeared first on Cryptonews.
Read More
Coinbase in Advanced Talks to Acquire CoinDCX at Valuation Below $1B: Report
Solv Protocol Introduces Automated Yield Generation for Bitcoin Holders
CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials
In an interesting twist to the massive hack of Indian crypto exchange CoinDCX, police have found evidence of possible insider involvement. An employee was arrested on suspicion of involvement in the fraud.
Per local reports, hackers exploited login credentials of a CoinDCX tech employee to siphon $44 million in crypto. The employee, Rahul Agarwal, works as a software engineer for the exchange.
The arrest comes after CoinDCX’s parent firm, Neblio Technologies, lodged a formal complaint over hackers exploiting Agarwal’s login credentials.
CoinDCX suffered a major security breach on July 19 that compromised an internal account used to provide liquidity to customers.
— Cryptonews.com (@cryptonews) July 20, 2025
As reported earlier, cybersecurity experts from Cyvers found that the exploit is linked to the infamous North Korean Lazarus Group. They said that the hack pattern mirrors another Indian crypto exchange WazirX’s $234 million crypto hack last year.
CoinDCX Employee Received Call From Germany, Worked Part-Time
According to Hardeep Singh, Neblio vice-president for public policy, Agarwal was a permanent employee of the company. Further, he was found using the company laptop for freelance jobs.
“He came under the scanner after the company found out that an unknown person had hacked into the system at 2.37 am on July 19 and transferred 1 USDT to a wallet,” a police statement said, quoting Hardeep Singh. “Around 9.40 am, the hacker siphoned off $44 million and transferred it to six wallets.”
The company’s internal investigations later revealed that Agarwal’s laptop was compromised, allowing the hacker to access CoinDCX’s server.
Further, during police interrogation, the employee admitted to moonlighting, taking up private jobs using the company laptop. Agarwal also noted that he received a WhatsApp call from Germany stating that a few files had been sent to him for completion.
“He said one of the files could have been a bait and the hacker could have entered into his official system,” police said in a statement. “He maintained he was not aware of the theft till his company summoned him.”
A case has been registered under various sections of the Indian Information Technology Act.
Hackers Transferred $17K to Techie
Additionally, per investigations, the techie had received around $17,131 into his bank account from an unknown source, raising questions.
The police First Information Report (FIR) stated that Agarwal claimed to have received the amount through his part-time job over the past year.
The news arrives a day after rumors erupted over US crypto exchange giant Coinbase acquiring CoinDCX. A local report revealed that the deal would appraise CoinDCX at below $900 million.
Later, CoinDCX CEO Sumit Gupta called the Coinbase acquisition “rumours,” adding that CoinDCX is “super focused” on building for India’s crypto story and not up for sale.
The post CoinDCX Staff Held for $44M Heist, Hackers Exploited Login Credentials appeared first on Cryptonews.
Read More
Coinbase in Advanced Talks to Acquire CoinDCX at Valuation Below $1B: Report