Bengaluru Police have arrested a 30-year-old software engineer in connection with the theft of approximately Rs 384 crore ($44 million) in cryptocurrency from CoinDCX. The accused, Rahul Agarwal, a permanent employee of CoinDCX, which is a crypto exchange platform, was arrested on July 26 by the Whitefield CEN crime police.
The alarm was raised on the early hours of July 19, when CoinDCX detected an unauthorised intrusion into their system. Hardeep Singh, Vice-President of Neblio Technologies, which operates CoinDCX, stated that a small amount of cryptocurrency was initially transferred. By 9:40 am, a total of $44 million worth of digital assets was stolen and distributed across six different crypto wallets.
CoinDCX investigation finds employee involved
Investigations conducted by the company revealed that the security details on Agarwal’s company-issued laptop had been compromised, providing the gateway for the hacker to access CoinDCX’s server. Following the discovery, police seized Agarwal’s laptop and took him in for interrogation.
Agarwal, who is a resident of Carmelaram and originally from Haridwar, Uttarakhand, has denied any involvement in the theft. However, he admitted to undertaking additional work for three to four private clients without knowing their specific details. Investigators further uncovered a suspicious deposit of Rs 15 lakh into Agarwal’s bank account from an unknown source.
In his statement to the police, Agarwal claimed to have received a WhatsApp call from a German number requesting him to complete certain files. He suggested that one of these files might have been a malicious trap set by the hacker to infiltrate his work system. Agarwal said that he was unaware of the theft until he was contacted by CoinDCX.
CoinDCX has confirmed its full cooperation with law enforcement agencies and cybercrime experts as the investigation into this significant cryptocurrency heist continues.
Is blockchain technology unsafe?
Despite major advancements in blockchain technology and cybersecurity measures, large-scale thefts remain a recurring threat. The decentralised and often anonymous nature of digital assets makes them attractive targets for sophisticated cybercriminals, who are constantly in the lookout for vulnerabilities in crypto exchange platforms, hot wallets, and even individual employee systems.
India’s stance on cryptocurrency has been evolving, with ongoing discussions around clearer regulatory frameworks to govern digital assets. Security incidents like the CoinDCX theft case often require calls for stricter oversight, enhanced consumer protection mechanisms, and mandatory cybersecurity standards for all operational exchanges.
