Several CoinDCX staff members have been detained in connection with a $44 million cryptocurrency heist. Authorities believe hackers exploited employee login credentials to execute the theft from the Indian crypto exchange. Investigations are ongoing.
Police have discovered evidence of potential insider involvement in the significant breach of the Indian crypto exchange CoinDCX, which is an intriguing development. An employee was apprehended on suspicion of involvement in the fraud.
According to local reports, hackers exploited a CoinDCX tech employee’s logon credentials to steal $44 million in cryptocurrency. Rahul Agarwal serves as a software engineer for the exchange.
The arrest resulted from a formal complaint filed by Neblio Technologies, the parent company of CoinDCX, regarding hackers’ exploitation of Agarwal’s login credentials.
On July 19, CoinDCX experienced a significant security lapse that compromised an internal account utilized to provide liquidity to customers.
As previously reported, cybersecurity experts from Cyvers discovered that the exploit is associated with the notorious North Korean Lazarus Group. They stated that the breach pattern is similar to the $234 million crypto hack of WazirX, another Indian crypto exchange, that occurred last year.
CoinDCX Employee Received Call From Germany, Worked Part-Time
Agarwal was a permanent employee of the company, according to Hardeep Singh, Neblio’s vice-president for public policy. Furthermore, he was discovered to employ the company laptop for freelance work.
“He was investigated after the company discovered that an unknown individual had accessed the system at 2:37 a.m. on July 19 and transferred 1 USDT to a wallet,” according to a police statement citing Hardeep Singh. “The hacker transferred $44 million to six wallets at approximately 9:40 a.m.”
The intruder could access CoinDCX’s server due to Agarwal’s laptop being compromised, as the company’s internal investigations later revealed.
During the police interrogation, the employee acknowledged that they were moonlighting, utilizing the company laptop to pursue private employment. Agarwal also reported receiving a WhatsApp call from Germany informing him that a few files had been sent to him for completion.
In a statement, the police stated that “he stated that one of the files could have been bait, and the hacker could have entered his official system.” “He maintained that he was unaware of the theft until his employer summoned him.”
Numerous sections of the Indian Information Technology Act have registered a case.
Hackers Transferred $17K to Techie
Also, the techie had received approximately $17,131 from an unknown source into his bank account, which raised concerns, according to my investigations.
Agarwal claimed to have received the sum through his part-time job over the past year, according to the police First Information Report (FIR).
The announcement was made one day following the emergence of rumors regarding the acquisition of CoinDCX by the US crypto exchange behemoth, Coinbase. According to a local report, the transaction would value CoinDCX at less than $900 million.
Subsequently, CoinDCX CEO Sumit Gupta dismissed the Coinbase acquisition as “rumors,” asserting that CoinDCX is “extremely committed” to developing India’s crypto narrative and is not for sale.
