Sumit Gupta, CEO of Indian cryptocurrency exchange CoinDCX, has confirmed that the platform’s recent $44 million security breach was the result of a “sophisticated social engineering attack” aimed at gaining unauthorized internal access. The revelation follows growing speculation and reports from local media.
In a statement shared via X (formerly Twitter) on July 31, Gupta explained that preliminary findings suggest the exploit originated from manipulation tactics designed to trick employees into compromising sensitive systems or credentials. “Based on our internal preliminary findings, this appears to be a sophisticated social engineering attack. Naturally, in these attacks, employees of a company are targeted to gain unlawful access to internal systems of an organisation,” Gupta stated.
This aligns with reports from Indian media, including The Times of India, which suggest a CoinDCX software engineer, Rahul Agarwal, has been detained by police in Bengaluru. Agarwal’s internal credentials were allegedly misused during the breach. The report indicates that the attackers initially conducted a small $1 USDT test transaction from the employee’s account before executing the larger $44 million theft. Authorities are investigating whether the employee was complicit or inadvertently compromised.
While acknowledging the ongoing investigation, Gupta refrained from providing further details, stating, “As this is an ongoing investigation, we unfortunately cannot engage with the media or public on this issue. We want to ensure the integrity of the process is maintained and are fully cooperating with the authorities.”
The CoinDCX incident underscores a persistent and growing threat within the crypto industry: social engineering attacks. These attacks exploit human behavior rather than technical vulnerabilities, often bypassing advanced cybersecurity measures. Security researchers estimate that a significant majority, up to 98%, of all cyberattacks stem from some form of social engineering.
The CoinDCX breach is part of a broader trend of such incidents plaguing the digital asset ecosystem. Last year, U.S. authorities reported that North Korea-linked attackers utilized similar social engineering tactics to steal $305 million from Japan’s DMM Bitcoin exchange. Earlier this year, prominent blockchain analyst ZachXBT revealed that Coinbase users are losing over $300 million annually to social engineering scams. These cases highlight the critical need for enhanced employee training and robust internal security protocols to counter human-centric cyber threats.
