
Kraken Faces Security Breach: $3 Million Fraudulently Withdrawn

Kraken, a prominent cryptocurrency exchange, recently faced a significant security breach involving its Bug Bounty program. Nick Percoco, Kraken’s Chief Security Officer, detailed the incident on X, stating that fraudulent actions by so-called “security researchers” led to nearly $3 million being withdrawn from the exchange’s treasuries.

Details of the Security Breach

On June 9, 2024, Kraken received an alert from a security researcher claiming to have discovered an “extremely critical” bug. This bug purportedly allowed for the artificial inflation of account balances on the Kraken platform. The initial report, however, did not disclose detailed transaction information.

Percoco noted that the researcher shared the bug with two colleagues, who then exploited it to generate large sums of money. These individuals managed to withdraw nearly $3 million from Kraken’s treasuries. Crucially, no client assets were affected by this breach.

Kraken’s Response

In response to the partial disclosure, Kraken’s security team contacted the researchers to confirm details and arrange for the reward. This is standard procedure within Kraken’s Bug Bounty program, which has been in place for nearly ten years and is staffed by top experts in the field.

Kraken requested a full account of the activities, a proof of concept, and the return of the withdrawn funds. The researchers, however, refused these requests and demanded a speculative amount based on the impact the bug could have had if it had not been disclosed. Percoco described this demand as extortion rather than legitimate white-hat hacking.

Kraken’s Position and Future Steps

Kraken has clarified that their Bug Bounty program is designed to enhance security and relies on ethical behavior from researchers. According to Percoco, the actions of these researchers violated the rules of the program and constituted criminal behavior. Kraken is now treating this incident as a criminal case and coordinating with law enforcement agencies.

Percoco emphasized that this breach is an isolated incident and that Kraken remains committed to its Bug Bounty program. The exchange will continue to work with ethical researchers to improve the security of the cryptocurrency ecosystem.

Kraken’s transparency and swift action in this case underscore their commitment to protecting their platform and users, especially given that the stolen funds were from their treasury and not client funds. This incident also highlights the challenges of maintaining security in the rapidly evolving world of cryptocurrency.

News Desk
