CoinDCX Employee Arrested in $44M Crypto Hack, Denies Involvement

The $44 million CoinDCX hack investigation led to the arrest of a 30-year-old employee who was allegedly duped into installing malware via a job-bait scam. Despite his arrest, the engineer denied involvement, claiming that he was unaware of the hack.

CoinDCX Hack: Employee Detained

In the latest development in the massive $44 million CoinDCX hack, the Indian police arrested an employee whose company laptop was compromised. Rahul Agarwal, a software engineer at CoinDCX, was accused of using his credentials to allow hackers to access the platform’s systems and steal funds.

However, Agarwal has denied the allegations, leaving open the possibility of internal vulnerabilities or complex social engineering tactics. The accused claimed he was unaware of any wrongdoing, adding that he had been doing freelance work on the side.

As CoinGape reported, the Indian crypto exchange announced the $44 million hack that impacted one of its internal accounts on July 19. Despite the hack, the company assured that no user funds were stolen.

According to The Times of India report, police believe hackers posing as recruiters tricked the software engineer into installing malware, leading to a $44 million crypto theft. Citing Hardeep Singh, who leads public policy at Neblio, the police stated,

Rahul was on the permanent rolls of the company and he had been given a laptop strictly for office work. He came under the scanner after the company found out that an unknown person had hacked into the system at 2.37am on July 19 and transferred one USDT to a wallet. Around 9.40am, the hacker siphoned off $44 million (Rs 379 crore) and transferred it to six wallets.

CoinDCX Claims Social Engineering Attack

Earlier today, CoinDCX CEO Sumit Gupta shared an X post, claiming that the hack appears to be a “sophisticated social engineering attack.” The crypto exchange refused to comment on Agarwal’s arrest, citing an ongoing investigation that restricts their engagement with the media.

He noted,

As this is an ongoing investigation, we unfortunately cannot engage with the media or public on this issue. We want to ensure the integrity of the process is maintained and are fully cooperating with the authorities.

Interestingly, this development follows recent rumors about a potential acquisition of CoinDCX by Coinbase. However, Gupta dismissed these discussions, saying, “Ignore the rumours! CoinDCX is “super focused” on building for India’s crypto story and not up for sale! Heads down and super focused on Building.”

Further, the CEO added that in social engineering attacks, the company employees will be targeted to gain unauthorized access to internal systems. Acknowledging the ongoing investigation, he added, “We understand, at this point the law enforcement agencies are investigating the matter to track and trace the hackers responsible for the attack.”