Bengaluru City police have arrested Rahul Agarwal (30), a software engineer with CoinDCX, in connection with the ₹379-crore cryptocurrency heist, marking a crucial development in the ongoing probe.
Agarwal, a resident of Carmelaram, Bengaluru, and originally from Haridwar, Uttarakhand, is suspected of unintentionally aiding hackers who breached CoinDCX systems using his login credentials. The arrest follows a complaint filed by Neblio Technologies, the parent firm of CoinDCX.
According to police, CoinDCX systems were hacked at 2:37am on July 19, when one USDT was transferred to test the breach. By 9:40am, hackers siphoned off $44 million (₹379 crore) into six different wallets.
Company officials grew suspicious after tracing the breach back to Rahul’s work-issued laptop. Internal investigations revealed his system’s security credentials had been compromised. Following this, Rahul was detained on July 26 by Whitefield CEN crime police.
Rahul has denied involvement in the theft but admitted to moonlighting for 3–4 unknown clients. He also told police he had received a WhatsApp call from a German number, where files were sent for “completion.” He suspects one of the files may have been a malware trap, allowing hackers to infiltrate the company’s network.
Investigators also uncovered ₹15 lakh deposited in his account from an unknown source, adding weight to insider involvement theories. He maintains he only learned of the theft after being questioned by the company.