In a major breakthrough in the ₹379 crore (approximately $44 million) cryptocurrency theft from CoinDCX, Bengaluru police have arrested a software engineer employed by the crypto exchange. The suspect, Rahul Agarwal, 30, a resident of Carmelaram in Bengaluru and originally from Haridwar, Uttarakhand, is alleged to have unknowingly enabled the breach after his official system was compromised.
The arrest follows a formal complaint by Neblio Technologies, the parent company behind the CoinDCX platform. According to the complaint filed by Hardeep Singh, Vice-President – Public Policy at Neblio Technologies, the suspicious activity was first detected in the early hours of July 19. A single USDT token was initially transferred around 2:37 a.m., followed by a large-scale unauthorized transfer of $44 million (₹379 crore) to six external wallets at 9:40 a.m.
Upon investigation, CoinDCX’s internal cybersecurity team discovered that Rahul Agarwal’s company-issued laptop had been compromised, allowing an unknown hacker to access critical financial infrastructure within the company.
Moonlighting and Foreign Call Links
During police interrogation, Agarwal denied direct involvement in the theft but admitted to moonlighting for multiple unidentified clients, raising suspicions over his digital exposure. He claimed to have received a WhatsApp call from a German number, which he said involved a request to work on some shared files. Agarwal told investigators that one of these files might have served as a trojan or bait, enabling the hacker to penetrate his official system.
Further, authorities revealed that ₹15 lakh was deposited into Agarwal’s bank account from unidentified sources. This transaction is now under scrutiny as police continue to investigate possible links between the foreign call, the file access, and the digital breach.
Internal Audit and Legal Proceedings
The company’s internal audit process flagged the breach and identified Agarwal’s compromised system as the point of vulnerability. Officials noted that the laptop was issued strictly for professional use, and that any misuse or use for external engagements violated organizational protocols.
Law enforcement agencies are currently pursuing digital forensic analysis to trace the origin of the hack and identify whether Agarwal was a deliberate accomplice or an unwitting pawn in a larger cybercriminal operation. The nature of his moonlighting activities and the background of the unidentified parties he worked for are key areas of investigation.
The Bengaluru police have initiated legal proceedings under relevant provisions of the Information Technology Act and Indian Penal Code (IPC) related to data theft, fraud, and unauthorized access to protected systems.
The incident raises fresh concerns about insider threats, system security, and the risks posed by external engagements in high-stakes fintech and crypto environments.