Following the staggering $44 million crypto theft from Bengaluru-based Neblio Technologies Pvt Ltd, which runs CoinDCX, a key question looms: Can the stolen funds ever be recovered?
CoinDCX, India’s leading crypto exchange, confirmed that customer assets remain untouched, stored securely in cold wallets, and launched a recovery bounty program. However, cybercrime investigators believe the breach — reportedly orchestrated using login credentials of a techie named Rahul Agarwal — may involve North Korean hacker groups.
An investigating officer said the stolen crypto was routed across six wallets, eventually ending up in a single wallet linked to a North Korean cartel. This international involvement, coupled with advanced intrusion tactics, including employee hardware compromise, complicates recovery efforts.
Authorities are also probing Agarwal’s role, examining whether he was a collaborator or an unwitting target. Cybersecurity experts highlight how such breaches may stem from credentials purchased on the dark web for as little as $10–15.
Despite CoinDCX’s assurance of enhanced security protocols and collaborations with global cybersecurity firms Sygnia and Seal911, experts remain cautious.
Avinash Shekhar, founder of Pi42 and ex-ZebPay CEO, noted that recovery hinges on the nature of assets. USDT (a centralized token) may be frozen, while Ethereum and decentralized tokens are far harder to trace or reclaim. If state-backed actors like North Korea are involved, exercising legal jurisdiction becomes virtually impossible.
Still, blockchain’s immutability leaves hope. “Stolen crypto has been traced and frozen even years later,” Shekhar said.