Indian crypto exchange CoinDCX’s recent $44 million security breach has been linked to a targeted social engineering attack, according to CEO Sumit Gupta. In a statement shared on July 31, Gupta revealed that early investigations suggest the exploit may have involved manipulation tactics to gain unauthorized internal access. This type of attack typically involves tricking employees into compromising sensitive systems or credentials.
Gupta stated, “Based on our internal preliminary findings, this appears to be a sophisticated social engineering attack. Naturally, in these attacks, employees of a company are targeted to gain unlawful access to internal systems of an organization.”
Reports from Indian media outlets have suggested that a CoinDCX employee may have been involved in the breach, either knowingly or negligently. The Times of India reported that police in Bengaluru have detained Rahul Agarwal, a CoinDCX software engineer, whose internal credentials were allegedly misused during the theft. The attacker reportedly initiated a small $1 USDT transaction from Agarwal’s account as a test before proceeding with the larger $44 million theft. Authorities are investigating whether Agarwal was complicit or compromised in the attack.
While Gupta did not provide further details about the ongoing investigations, he emphasized the company's cooperation with authorities and the need to maintain the integrity of the process.
Social engineering attacks in the crypto industry
Social engineering attacks pose a significant threat to the crypto industry, often circumventing technical security measures by exploiting human behavior. Security experts estimate that up to 98% of cyberattacks originate from some form of social engineering.
The CoinDCX breach is part of a broader trend observed over the past year. In a similar incident, North Korea-linked attackers used social engineering tactics to steal $305 million from Japan’s DMM Bitcoin exchange. Additionally, a blockchain analyst revealed that Coinbase users lose over $300 million annually to social engineering scams.
These cases underscore the critical issue of employee manipulation in cybersecurity breaches, highlighting the need for heightened awareness and vigilance within organizations.

