Here’s a rephrased version of the full report, maintaining clarity, flow, and emphasis:

**🚨 \$44M Crypto Heist at CoinDCX: Employee Arrested in High-Profile Cyber Theft**

On July 26, Bengaluru police arrested 30-year-old software engineer **Rahul Agarwal**, an employee at CoinDCX, in connection with a massive **\$44 million (₹379 crore)** crypto theft from the exchange’s internal wallet. Agarwal had been working with the company for over two years.

The breach began in the early hours of **July 19**, starting with a test transfer of **1 USDT at 2:37 a.m.** Using access credentials allegedly stolen from Agarwal’s company-issued laptop, hackers executed a series of transfers—ultimately draining **\$44 million** into **six separate wallets** by mid-morning.

According to investigators, Agarwal had been freelancing for unknown clients via **WhatsApp**, receiving instructions from a **German phone number**, and acknowledged receiving a deposit of **₹15 lakh (\~\$17,000)**. Authorities believe his system was compromised by malware, giving attackers the access they needed.

CoinDCX’s parent company, **Neblio Technologies**, has clarified that **no customer funds were affected**, as the breached wallet was separate from user assets. In response, the company has launched a **bounty of up to \$11 million** for any leads that help recover the stolen crypto.

### 🔐 What This Means

Security analysts are warning that this incident highlights a growing threat: **targeting privileged insiders via social engineering** to infiltrate critical systems. One Redditor summed it up bluntly:

> “If his credentials were stolen, he’s a victim—not the villain. Credential theft is real. The real problem lies in poor access control. Let’s fix the system instead of just blaming the individual.”

A senior official at Neblio called it a **“sophisticated social engineering attack”**, emphasizing CoinDCX’s full cooperation with authorities.