Reports associate the recent attack on Indian crypto exchange CoinDXC with one of the platform’s employees.
Meanwhile, the Coinbase exchange is reportedly in talks to acquire the Indian platform. Coinbase capitalized on CoinDCX’s value drop to advance its foray into the Asian country.
CoinDXC Employee Rahul Agarwal Arrested Following $44 Million Crypto Theft
Local media reports that Rahul Agarwal, a software engineer at CoinDCX, was arrested following the recent attack on the platform.
The attack culminated in losses worth $44 million after bad actors compromised its internal wallet.
Reportedly, investigations revealed the perpetrators used Agarwal’s login credentials to access the system, siphoning the loot.
Based on this, Agarwal became the chief suspect as investigations continued. The Bengaluru City police have since arrested him. Neblio Technologies, which runs the CoinDCX exchange, is the complainant in the case.
“Rahul was on the permanent rolls of the company and he had been given a laptop strictly for office work. He came under the scanner after the company found out that an unknown person had hacked into the system at 2.37 am on July 19 and transferred one USDT to a wallet. Around 9.40 am, the hacker siphoned off $44 million (Rs 379 crore) and transferred it to six wallets,” local media reported, citing Neblio vice president for public policy Hardeep Singh.
With authorities in custody of Agarwal’s laptop, the suspect claims innocence but admits to moonlighting and taking up work with several private parties without investigating their credentials.
Nevertheless, authorities discovered that nearly $20,000 (Rs 15 lakh) had been remitted to Agarwal’s bank account from an unknown source.
Additionally, Agarwal stated that a German number contacted him to work on several files. According to the suspect, one of these files may have been the Trojan horse, giving the attackers access to his system.
Some users sympathized with Agarwal, calling him the victim, amid growing risks regarding credentials theft.
“In that case… he’s the victim, not the villain. Credential theft is real — and so are the gaps in access controls. Let’s fix the system, not just blame the user,” a user remarked on X.
However, on-chain sleuth ZachXBT, a blockchain investigator, called out the software engineer for this negligence.
Meanwhile, CoinDCX Co-founder and CEO Sumit Gupta declined to comment, which is a normal response when an investigation is still open.
However, Gupta revealed that the incident involved a social engineering attack, where bad actors target company employees to gain unlawful access to an organization’s internal systems.
“We understand, at this point the law enforcement agencies are investigating the matter to track and trace the hackers responsible for the attack,” Gupta articulated.
With investigations ongoing, this incident highlights the abounding risks that hackers pose to crypto and financial markets in general. It also calls for enhanced security and vigilance not to click on suspicious links.
The Coinbase exchange is reportedly in talks to acquire CoinCDX, signaling a strategic push into India’s fast-paced crypto market.
The expression of interest was timely, given CoinDCX’s valuation dropped below $1 billion after a $44 million hack.
The post CoinDCX Employee Linked to $44 Million Crypto Theft appeared first on BeInCrypto.
Source: https://beincrypto.com/coindcx-employee-44-million-theft-social-engineering/