Sumit Gupta, CEO of Indian crypto exchange CoinDCX, has linked the platform’s recent $44 million security breach to a targeted social engineering attack.
In a July 31 statement shared via X (formerly Twitter), Gupta said early findings indicate that the exploit may have stemmed from manipulation tactics used to gain unauthorized internal access. He explained that these attacks often involve tricking employees into compromising sensitive systems or credentials.
According to him:
“Based on our internal preliminary findings, this appears to be a sophisticated social engineering attack. Naturally, in these attacks, employees of a company are targeted to gain unlawful access to internal systems of an organisation.”
This confirms reports from Indian media outlets suggesting that a CoinDCX employee may have played a key role, knowingly or negligently. According to The Times of India, police in Bengaluru have detained Rahul Agarwal, a CoinDCX software engineer, whose internal credentials were allegedly misused during the breach.
The report claims the attacker initiated a small $1 USDT transaction from the employee’s account as a test before moving on to the larger $44 million theft. Authorities are examining whether the staff member was complicit or compromised in the attack.
Meanwhile, Gupta failed to provide further information about the investigations. Instead, he said:
“As this is an ongoing investigation, we unfortunately cannot engage with the media or public on this issue. We want to ensure the integrity of the process is maintained and are fully cooperating with the authorities.”
Social engineering attacks
Social engineering attacks continue to plague the crypto industry, often bypassing technical safeguards by targeting human behavior. Security researchers estimate that up to 98% of cyberattacks stem from some form of social engineering.
The CoinDCX breach is part of a broader trend observed over the past year.
Last year, US authorities revealed that North Korea-linked attackers used similar tactics to steal $305 million from Japan’s DMM Bitcoin exchange. Earlier this year, blockchain analyst ZachXBT also revealed that Coinbase users lose over $300 million annually to social engineering scams.
These cases highlight a pressing issue: even advanced cybersecurity measures can fail when employees are manipulated.