₹368 Crore Crypto Heist in Bengaluru: Freelance Job Scam Exposes Major Cybersecurity Lapse

In a major breakthrough in one of Karnataka’s largest cybercrime cases, the Criminal Investigation Department (CID) has revealed that a freelancing tech professional inadvertently opened the door to a ₹368-crore cryptocurrency theft at a Bengaluru-based crypto exchange.

The breach surfaced in July 2025, when the Bellandur-based exchange reported unauthorized access to its digital wallets and the disappearance of a massive volume of cryptocurrency. While an employee was initially detained, a deeper CID investigation has now exposed the role of an international cybercrime syndicate operating with high-level sophistication.

How a Fake Freelance Offer Enabled a ₹368-Crore Crypto Theft

According to CID officials, the tech professional had been moonlighting for over a year when he was contacted through a fake professional networking profile. The fraudsters offered him a high-paying freelance project related to crypto exchange website development.

To build credibility, the cybercriminals:

Assigned realistic technical tasks

Conducted regular online review meetings

Made consistent payments totaling nearly ₹15 lakh

This long-term engagement ensured the victim had no reason to suspect a cyber scam.

Company Laptop Used to Deploy Malware

Investigators revealed that the freelancer used his official company-issued laptop to complete the side project. In July 2025, after a routine virtual meeting, the hackers sent him a set of files for review.

One file contained advanced malware, which:

Executed silently in the background

Bypassed endpoint security systems

Granted remote administrative access to hackers

This access later extended to the crypto exchange’s internal servers.

Private Keys Compromised, Crypto Wallets Drained

With admin-level privileges, the attackers extracted the private keys of the exchange’s cryptocurrency wallets. After testing the breach with a small transaction, they proceeded to drain the entire digital treasury.

CID officials said the stolen cryptocurrency was:

First moved within internal wallets

Routed through multiple intermediary wallets

Finally consolidated into a single master wallet controlled by the fraud network

Crypto Transactions Traced, Wallet Owner Still Unidentified

While investigators have successfully tracked the blockchain transaction trail, identifying the real individual behind the final crypto wallet remains a major hurdle.

“This case highlights the sophistication of crypto crimes. Blockchain transactions are traceable, but linking a wallet to a person is extremely difficult,” a senior CID officer stated.

CID Warns IT Professionals Against Freelance and Moonlighting Scams

The CID has issued a nationwide advisory warning tech professionals about the growing misuse of:

Freelance job platforms

Part-time tech assignments

Gaming and app development offers

Fake investment and crypto projects

Cybercriminals often exploit these channels to infiltrate corporate systems and steal sensitive data.

Crypto Exchange Strengthens Cybersecurity After Attack

Following the ₹368-crore cyber heist, the affected exchange has reportedly:

Upgraded its cybersecurity infrastructure

Strengthened access controls

Implemented stricter device-usage policies

Authorities say the case serves as a serious warning for crypto companies, IT employees, and freelancers operating in the digital asset ecosystem.