- Indian crypto exchange CoinDCX lost $44 million due to a security breach traced to a compromised developer laptop.
- Police arrested a CoinDCX software engineer in Bangalore after tracing suspicious payments tied to the incident.
- The breach occurred after the engineer worked freelance jobs and opened files from unknown parties, which may have enabled credential theft.
- Security experts highlight this hack as an example of developer-targeted phishing and underline the need for stronger backend controls.
- The incident also raised concerns over slow disclosure and potential misuse of work equipment by employees.
A security breach at CoinDCX, a large Indian cryptocurrency exchange, led to the loss of $44 million on July 19, according to local authorities. The hack was traced to the compromised work laptop of a software engineer, who has since been arrested in Bangalore.
Investigators found the employee, Rahul Agarwal, used his company-provided laptop to perform freelance work for several unknown clients. Police allege that files sent to him during these side jobs likely acted as bait, enabling hackers to gain access to his login credentials. They also found Agarwal received a payment of about $17,000 from an unidentified source.
Reports from The Times of India state that Agarwal admitted to being contacted by a German number for extra work. He suspects the files he received as part of this engagement were designed to compromise his device. Online investigator ZachXBT flagged the theft on social media before CoinDCX officially confirmed the incident.
Blockchain security firm Halborn described the event as “a classic example of an exchange hack likely involving a compromised private key” in its explanation of the incident. Halborn’s report warned that backend infrastructure remains a weak point for many crypto exchanges and recommended stronger security measures, noting that routine security audits often overlook these risks.
Another security specialist from SlowMist shared a recent case on the Chinese developer platform V2EX, outlining how hackers conduct fake job recruitment to get developers to download malicious project files. If run, these files can infect a computer, stealing cryptocurrency and login information.
Community responses point to concerns over employee negligence and question whether Agarwal was an unknowing victim or played a more direct role in the hack. The case has sparked renewed attention on the dangers of developer phishing—where attackers target those with high-level system access through deceptive files or communications.
For additional background on similar security incidents, see reports on the Bybit hack and a SuperRare staking contract breach.