A major cybercrime case in Karnataka has revealed how a freelance technology professional unknowingly became the entry point for a ₹368 crore cryptocurrency theft from a Bengaluru based crypto exchange. The incident came to light in July 2025 when the exchange, located in Bellandur in east Bengaluru, reported that its digital wallets had been compromised and a large volume of cryptocurrency was missing. An employee was initially detained, but a deeper probe by investigators later uncovered the role of an international cyber fraud network.
Investigators found that the freelance techie had been secretly moonlighting for over a year. He was contacted through a fake professional networking profile that offered a high paying freelance project to help build a website for a crypto exchange. The fraudsters ran the operation carefully by holding regular online review meetings, assigning tasks that appeared legitimate, and making timely payments. “The fraudsters gave him a legitimate looking project, held regular online review meetings, and paid him consistently to gain his confidence,” a senior investigator said. The techie reportedly earned close to ₹15 lakh from this work, leaving him with no reason to doubt the offer.
The breach occurred when the techie used his full time employer’s official laptop to complete the freelance tasks. After one of the online meetings in July 2025, he was sent a set of files for review. One of these files contained hidden malware. Once opened, the malware ran silently, bypassed security protections, and gave the hackers remote administrative access to the laptop as well as the exchange’s internal servers. With this access, the attackers stole the private keys to the exchange’s crypto wallets, first testing the breach with a small transfer before draining the entire digital treasury.
Officials said the stolen cryptocurrency was routed through several intermediary wallets before being consolidated into a single wallet controlled by the fraudsters. While the transaction trail has been traced, identifying the owner of the final wallet remains difficult. “That is the level of sophistication involved in crypto related crimes. We can trace the money flow, but finding the person behind a crypto wallet is extremely difficult,” the officer said. The case has prompted a warning to tech professionals about moonlighting risks, with officials noting that fake freelance offers are often used to access corporate systems. The exchange has since strengthened its cybersecurity framework to prevent similar breaches.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
