Indian authorities have arrested Rahul Agarwal, a software engineer at CoinDCX, in connection with a $44 million (₹384 crore) theft from the Mumbai-based cryptocurrency exchange. Bengaluru’s Whitefield police say hackers posing as recruiters persuaded Agarwal to install malware on his office laptop after offering him freelance work, creating an entry point that was later exploited to drain the company’s liquidity wallet. Blockchain records show the intrusion began on 19 July with a small test transfer before the attackers siphoned the bulk of the funds hours later, splitting the proceeds across six digital wallets outside India’s jurisdiction. CoinDCX said client assets were unaffected and that it would absorb the loss from its treasury. The exchange has offered a bounty of 25 percent of any assets recovered to individuals who help trace or reclaim the stolen cryptocurrency. Investigators have struggled to follow the money because the receiving addresses sit beyond India’s regulatory reach, highlighting the difficulties of cross-border enforcement in decentralised finance. The case underscores a broader rise in social-engineering attacks on crypto firms: security trackers SlowMist and PeckShield estimate that 13 hacks in July alone cost the sector roughly $140 million, with the CoinDCX breach the largest single incident.