CoinDCX Engineer Arrested After $44M Credential Hack

On July 19, hackers used DevOps engineer Rahul Agarwal’s compromised login credentials to breach an internal liquidity account at CoinDCX, initiating a 1 USDT test transfer at 2:30 am before siphoning ₹379 crore (about $44 million) into six wallets by 9:30 am. The hack, described by CEO Sumit Gupta as a “sophisticated social engineering attack,” was discovered after Neblio Technologies detected unauthorized access and filed a complaint, prompting Bengaluru police to seize Agarwal’s laptop and detain him. Agarwal denies direct involvement but admits to part-time external work and receiving ₹15 lakh from an unknown source. He claims a German phone call introduced malware into his work laptop, enabling attackers to bypass internal controls. CoinDCX emphasizes that no user assets were affected and is strengthening its exchange security and crypto security measures in response. The CoinDCX hack underscores rising credential breach risks and social engineering attacks in 2025, following high-profile exploits such as Bybit’s $1.5 billion Lazarus Group breach. Crypto traders should monitor how this incident influences exchange security standards and market confidence.