Bengaluru Police Identify Cause of $44 Million CoinDCX Crypto Heist
Bengaluru police have identified the cause of a $44 million hack of Indian cryptocurrency exchange CoinDCX. Hackers posed as recruiters to trick a software engineer into installing malware on his laptop, enabling unauthorized access to the exchange's systems.
Details of the Hack
- Hackers exploited the engineer's login credentials to drain approximately $44 million in cryptocurrencies.
- The engineer, Rahul Agarwal, has been detained for his alleged involvement.
- Blockchain analytics firm Cyvers suggested that attackers may have used exposed API keys or misconfigured backend systems.
- The malware was disguised as part-time job offers, leading to a breach in internal wallet systems at Neblio Technologies, the operator of CoinDCX.
- Agarwal denies any wrongdoing; however, his company-owned device has been confiscated.
Connection to Lazarus Group
- Authorities suspect links between the CoinDCX attack and North Korea's Lazarus Group based on similar attack patterns.
- These patterns include exploiting cross-chain bridges and using Tornado Cash to obscure fund flows.
CoinDCX's Response
- CoinDCX has initiated an $11 million bounty program, offering up to 25% of stolen assets to ethical hackers and researchers for assistance in asset recovery.
- Rumors of a potential acquisition by Coinbase were publicly denied by CoinDCX CEO Sumit Gupta, who emphasized the company's focus on growth.