Indian law enforcement has determined that the massive hack of the cryptocurrency exchange CoinDCX was made possible by malware that hackers installed on the work laptop of one of the company’s employees. As a result of this attack, the perpetrators were able to access crypto assets worth $44 million.
This was reported by Business • Media.
How the Hackers Organized the CoinDCX Breach
The investigation revealed that the criminals gained the trust of a CoinDCX employee with three years of experience — Rahul Agarwal. They offered him a side job that initially involved writing online reviews from his personal device. Eventually, Agarwal began completing tasks from the corporate laptop, on which hackers discreetly installed the malicious software. This malware provided the cybercriminals with access to CoinDCX’s operational wallet and allowed them to transfer assets to six external crypto wallets.
According to the police, the internal investigation found that Agarwal had received over $17,000, which he explained as payment for freelance services.
“Agarwal had no idea he was being used as a tool by the hackers. The realization came too late.”
Investigation and Challenges for India
The cryptocurrency market in India is still largely unregulated, complicating the investigation of cybercrimes. In February 2025, the country’s authorities announced a review of their stance on cryptocurrencies, but no specific legislative changes have been implemented yet. Law enforcement officials note that the lack of transparent identification of cryptocurrency wallets significantly hinders the process of tracking stolen funds.
“If it were a bank transfer, we would be able to trace the money’s path. But cryptocurrency wallets do not originate from India. If exchanges refuse to provide information — it will be very difficult,” commented a police officer.
The Bengaluru police have opened a criminal case under several sections of the criminal code and the IT Act, including theft, fraud, and breach of trust.
Following the incident, CoinDCX co-founder Niraj Khandelwal announced a reward program: those who help recover the assets are offered up to 25% of the recovered amount, meaning the potential reward could exceed $11 million.
At the same time, CoinDCX CEO Sumit Gupta denied rumors of alleged negotiations to sell the company to the American platform Coinbase for nearly $1 billion.