
tl;dr
Indian crypto exchange CoinDCX suffered a $44 million hack traced to insider involvement. Software engineer Rahul Agarwal was arrested after hackers used his login credentials to access internal funds. Agarwal's freelance work on his company laptop created a vulnerability exploited via a suspicious ...
In a dramatic twist to the massive $44 million hack of Indian crypto exchange CoinDCX, police have uncovered evidence suggesting insider involvement. Rahul Agarwal, a software engineer at the exchange, was arrested on suspicion of complicity in the fraud. The breach was traced back to hackers exploiting Agarwal's login credentials, which allowed them to siphon off funds from an internal liquidity account.
Investigations revealed that Agarwal used his company laptop for freelance work, which became the vulnerability hackers exploited. He reportedly received a suspicious WhatsApp call from Germany involving files that may have acted as bait for the breach. Agarwal claimed ignorance of the theft until being summoned by his employer. Meanwhile, CoinDCX’s parent company, Neblio Technologies, filed a formal complaint after detecting the unauthorized transactions.
Police noted that approximately $17,131 was transferred to Agarwal’s bank account from unknown sources, which he attributed to his part-time jobs. The timing of this arrest coincides with rumors of the US-based crypto giant Coinbase potentially acquiring CoinDCX at a valuation under $900 million. However, CoinDCX’s CEO Sumit Gupta denied the acquisition rumors, emphasizing the company’s commitment to growing India’s crypto market.
The incident draws parallels to a previous $234 million hack of another Indian exchange, WazirX, which cybersecurity experts linked to the North Korean Lazarus Group. This pattern highlights the persistent threats facing crypto exchanges and the complex risks that arise when insider exposure is combined with sophisticated external hacking.