CoinDCX, a prominent cryptocurrency exchange, suffered a significant security breach resulting in a $44 million theft. The incident involved the arrest of Rahul Agarwal, a software engineer, whose corporate laptop credentials were compromised via a sophisticated social engineering attack. Hackers sent malicious files over WhatsApp and gained unauthorized access to the company's digital asset infrastructure. The attackers carried out the theft by transferring $44 million worth of digital assets to multiple wallets, highlighting critical vulnerabilities in the exchange's security protocols.
Source: https://cybersecuritynews.com/bangalore-techie-arrested-coindcx/
TPRM report: https://scoringcyber.rankiteo.com/company/coindcx
{
  "id": "coi242073125",
  "linkid": "coindcx",
  "type": "Breach",
  "date": "7/2025",
  "severity": "100",
  "impact": "",
  "explanation": "Attack threatening the organization’s existence"
}
{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'Bangalore, India',
                        'name': 'CoinDCX',
                        'type': 'Cryptocurrency Exchange'}],
 'attack_vector': ['Social Engineering', 'Malware'],
 'date_detected': '2023-07-19',
 'description': 'A software engineer at CoinDCX was arrested in connection '
                'with a $44 million cryptocurrency theft due to a security '
                'breach involving compromised login credentials.',
 'impact': {'financial_loss': '$44 million',
            'systems_affected': 'Cryptocurrency management systems'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Critical vulnerabilities in cryptocurrency exchange '
                    'security infrastructure and the importance of robust '
                    'employee vetting procedures, multi-factor authentication '
                    'systems, and comprehensive cybersecurity awareness '
                    'training.',
 'motivation': 'Financial Gain',
 'references': [{'source': 'The Times of India'}],
 'response': {'law_enforcement_notified': True},
 'title': 'CoinDCX Cryptocurrency Theft',
 'type': 'Cryptocurrency Theft',
 'vulnerability_exploited': 'Compromised login credentials'}