Kraken Faces Security Breach: $3 Million Fraudulently Withdrawn
Kraken, a prominent cryptocurrency exchange, recently faced a significant security breach involving its Bug Bounty program. Nick Percoco, Kraken’s Chief Security Officer, detailed the incident on X, revealing that fraudulent actions by so-called “security researchers” led to nearly $3 million being withdrawn from the exchange’s treasuries.
Details of the Security Breach
On June 9, 2024, Kraken received an alert from a security researcher claiming to have discovered an “extremely critical” bug. This bug purportedly allowed for the artificial inflation of account balances on the Kraken platform. The initial report, however, did not disclose detailed transaction information.
Percoco noted that the researcher shared the bug with two colleagues, who then exploited it to generate large sums of money. These individuals managed to withdraw nearly $3 million from Kraken’s treasuries. Crucially, no client assets were affected by this breach.
Kraken’s Response
In response to the partial disclosure, Kraken’s security team contacted the researchers to confirm details and arrange for the reward. This is standard procedure within Kraken’s Bug Bounty program, which has been in place for nearly ten years and is staffed by top experts in the field.
Kraken requested a full account of the activities, a proof of concept, and the return of the withdrawn funds. The researchers, however, refused these requests and instead demanded a payment based on a speculative estimate of the bug’s potential impact had it not been disclosed. Percoco described this demand as extortion rather than legitimate white-hat hacking.
Kraken’s Position and Future Steps
Kraken has clarified that their Bug Bounty program is designed to enhance security and relies on ethical behavior from researchers. According to Percoco, the actions of these researchers violated the rules of the program and constituted criminal behavior. Kraken is now treating this incident as a criminal case and coordinating with law enforcement agencies.
Percoco emphasized that this breach is an isolated incident and that Kraken remains committed to its Bug Bounty program. The exchange will continue to work with ethical researchers to improve the security of the cryptocurrency ecosystem.
Kraken’s transparency and swift action in this case underscore their commitment to protecting their platform and users, especially given that the stolen funds were from their treasury and not client funds. This incident also highlights the challenges of maintaining security in the rapidly evolving world of cryptocurrency.