- Rahul Agarwal arrested for $44 million theft via compromised credentials.
- CoinDCX to cover losses from reserves, sparing customer funds.
- Incident highlights urgent need for stronger endpoint security.
In a shocking turn of events, Rahul Agarwal, a Bengaluru-based software engineer employed by Indian crypto exchange CoinDCX, was arrested on July 26, 2025, in connection with a staggering $44 million cryptocurrency theft.
The Whitefield CEN crime police apprehended Agarwal after an internal investigation revealed that hackers compromised his login credentials, granting them unauthorized access to CoinDCX’s servers. The breach, which occurred on July 19, saw the funds siphoned off to six crypto wallets around 9:40 AM, as reported by Deccan Herald on July 30, 2025.
The theft involved stablecoins from an internal liquidity account, not customer funds, a critical detail that has somewhat mitigated public panic. CoinDCX’s parent company, Neblio Technologies, confirmed the breach and stated it would absorb the $44 million loss from its reserves—a rare move in the crypto industry. This contrasts sharply with the $230 million WazirX breach in 2024, which decimated user assets and led to halted trading. The investigation uncovered a Rs 15 lakh deposit of unknown origin in Agarwal’s bank account, though he denied involvement, citing “moonlighting” freelance work as a possible factor in the credential compromise.
Read Also: How to Spot Scam Tokens: A Comprehensive Guide for Crypto Investors
Security experts are sounding alarms over the incident, pointing to inadequate endpoint security as a key vulnerability. A 2023 NIST study highlighted the growing risks of credential theft in financial systems, a warning CoinDCX appears to have overlooked. Agarwal’s laptop, now seized, is under forensic analysis to trace the hackers’ entry point. The case has sparked debates about the reliability of centralized exchanges, with critics arguing that such incidents undermine the decentralization ethos of crypto.
CoinDCX has promised a thorough review of its security protocols, but the incident raises broader questions about employee training and access controls in the crypto sector. As investigations continue, the crypto community awaits further updates, hoping this serves as a wake-up call for enhanced cybersecurity measures.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. CoinCryptoNewz is not responsible for any losses incurred. Readers should do their own research before making financial decisions.
