The arrest marks a major breakthrough in one of the largest crypto cores in India and reveals how the pirates used the targeting of employees to violate the safety of trade.
A software engineer of the greatest Indian cryptocurrency exchange was arrested in touch with a flight of $ 44 million that shook the platform in July.
The employee was deceived in the installation of malicious software
Bengaluru police arrested Rahul Agarwal, a 30 -year -old software engineer who worked Coesscx For more than two years. Investigators say that hackers have presented themselves as recruiters offering independent work to encourage Agarwal to download malware on its business laptop.
The attack took place on July 19, 2025, when someone used Agarwal’s connection details to access Coindcx internal systems. At 2:37 a.m., the hackers carried out a small test transaction from a USDT token. At 9:40 a.m., they had stolen $ 44 million and moved the funds through six different cryptographic wallets.
The police found that the agarwal bank account contained $ 17,000 in unknown sources. During the interrogation, he denied having known the hacking but admitted to having taken independent jobs of customers that he could not identify. His company’s laptop was the only device that was compromised during the Coindcx internal survey.
How the hack went
The flight has targeted the Coindcx operational portfolio, which the company uses to negotiate with the exchanges of partners. This portfolio was separated from customer accounts, which means that user funds remained safe throughout the attack.
The detective of the Zachxbt blockchain first spotted the suspicious activity and publicly pointed out the hack. The investigator criticized Coindcx for waking up 5 p.m. before announcing the violation of users.
CEO of Coindcx, Sumit Gupta, confirmed the attack and described it as a “sophisticated attack on social engineering”. He explained that such attacks target company employees to obtain unauthorized access to internal systems. The stolen funds have been moved to several blockchain networks, which makes them difficult to follow.
Source: @Smtgpt
Coindcx context and growth
Founded in 2018 by Sumit Gupta and Neeraj Khandelwal, Coindcx has become the most valuable Crypto company in India. The exchange serves more 16 million users And offers access to more than 500 different cryptocurrencies.
The company became the first cryptographic unicorn in India in 2021 after having increased $ 90 million with an evaluation of $ 1.1 billion. In 2022, Coindcx reached a cutting -edge assessment of $ 2.15 billion after obtaining $ 135 million from investors, including Coinbase Ventures and Pantera Capital.
Coindcx has increased a total of $ 247 million On six financing laps of 36 investors. The main donors include Bath Capital Ventures, Jump Capital and Polychain Capital.
India cryptography security problems
This hack adds to growing security concerns for Indian cryptography exchanges. Almost a year earlier, another great Indian exchange called Wazirx lost $ 235 million against pirates. The moment has raised questions about the question of whether the Indian platforms are specifically targeted.
According to the security company Certik, the pirates have stolen $ 2.47 billion Cryptographic platforms in the first half of 2025 only. This already exceeds all the losses of 2024. The two largest flights were the Bybit Stock Exchange losing $ 1.5 billion in February and the Cetus protocol lost $ 225 million in May.
Business response and recovery efforts
Coindcx has launched a recovery premium bonus program offering up to 25% of the funds recovered from safety experts who can help find the stolen money. This could pay up to $ 11 million, making it one of the largest crypto bonuses in Indian history.
The exchange works with cybersecurity companies and cryptographic criminalic agencies to trace stolen funds. They also cooperate with Application of the law agencies investigating the case.
Recent reports suggest that Coinbase was planning to acquire Coindcx at a reduced price after the hack. However, the CEO Gupta quickly denied these rumors on social networks, declaring that the company is not for sale.
What it means for the safety of cryptography
The Coindcx incident shows how modern crypto attacks are increasingly targeting human weaknesses rather than simple technical vulnerabilities. Social engineering attacks like this become more common because hackers find it easier to deceive employees than to unravel security systems.
The case highlights the need for better training of employees and stricter controls on the company’s devices. It also demonstrates the importance of maintaining the separate operational funds from customer accounts, which prevented user losses in this case.
While the investigation continues, the authorities are trying to identify other people who may have been involved in the flight. The arrest of Agarwal represents progress, but questions remain on the entire scope of the attack and if other exchanges are faced with similar threats.
