Major Cyber Heist at Bengaluru Crypto Firm Linked to North Korean Hackers; Employee Under Investigation
Bengaluru, July 31, 2025 — In a significant cyberattack that has shaken the cryptocurrency sector, Bengaluru-based Neblio Technologies Private Limited, the company behind the popular crypto exchange CoinDCX, has suffered a massive theft of digital assets estimated at $44 million. Investigations suggest that the hack is linked to a North Korean hacker syndicate, highlighting growing concerns over state-sponsored cybercrime targeting virtual currency platforms.
Details of the Heist
According to reports by The Times of India and Deccan Herald, the breach involved a sophisticated cyber intrusion that exploited vulnerabilities within Neblio Technologies’ security framework. Hackers transferred the stolen digital assets through six separate intermediary accounts before consolidating them into a single account believed to be controlled by operatives associated with North Korea.
Security experts point out that the tactics used in this attack mirror recent patterns observed in high-profile cryptocurrency exchange breaches worldwide, further strengthening suspicions of involvement by a well-organized, state-backed hacking group seeking to exploit the rapidly expanding digital asset market.
Employee Under Scrutiny: Possible Inside Help
Local law enforcement agencies have focused their investigation on Rahul Agarwal, a CoinDCX employee originally from Jharkhand, whose corporate devices were exploited in the cyber breach. It has been revealed that Agarwal fell victim to an online part-time job scam, which promised income for completing minor digital tasks.
Unknowingly, Agarwal’s work and personal laptops were accessed by cybercriminals, who leveraged his credentials to penetrate CoinDCX’s core systems. While some officials consider him an unwitting pawn manipulated by the hackers, others have raised the possibility of his complicity in the crime. Agarwal is currently in judicial custody for further questioning as authorities continue to unravel the incident.
Company and Industry Response
Neblio Technologies executives have faced intense pressure to secure customer assets and restore trust among stakeholders. In response, CoinDCX has increased its cooperation with cybersecurity firms and announced a substantial bounty to encourage information that could lead to the recovery of stolen assets or the apprehension of those responsible.
The incident underscores the heightened risk environment surrounding cryptocurrency platforms and the necessity for robust security protocols to safeguard digital assets against evolving cyber threats.
Broader Implications
This cyber heist is considered the largest virtual currency theft witnessed in Bengaluru to date, with potential ramifications for the wider Indian and global cryptocurrency industries. The apparent North Korean link also raises geopolitical concerns, as such cyber operations often serve dual financial and strategic objectives for state actors.
Authorities are intensifying efforts to track the stolen funds and dismantle the hacking network behind the attack, emphasizing the critical importance of vigilance and collaboration in combatting advanced cybercrime in the digital economy.
For continuous updates on this story and other breaking news from Bengaluru and beyond, stay tuned to the Hindustan Times.