Fun

Kraken-CertiK saga turns murky as part of exploited funds go ‘missing’

News Feed - 2024-06-20 06:06:28

Prashant Jha5 hours agoKraken-CertiK saga turns murky as part of exploited funds go ‘missing’Kraken is planning to take legal action against security firm CertiK as the “white hat” operation by the security firm turns into a legal blunder.1022 Total views23 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksThe Kraken-CertiK saga has taken another turn. Security firm CertiK claims it carried out a white hat operation on specific Kraken accounts not belonging to customers, draining nearly $3 million, according to Kraken. However, the exchange claims the total exploited amount was not returned to it, while CertiK claims to have returned all funds as per their record.


On June 20, CertiK took to X to give an update on the situation and claimed it had returned 734 Ether (ETH), 29,001 Tether (USDT) tokens and 1,021 Monero (XMR) coins, while Kraken requested 155,818 Polygon (MATIC) tokens, 907,400 USDT, 475.5 ETH and 1,089.8 XMR.Kraken claims exploit, CertiK says white hat operation


The Kraken-CertiK saga began on June 9, when Kraken claimed it had received a bug bounty program alert from an alleged security researcher. The alert highlighted a bug in Kraken’s system that allowed users to inflate their account balances. When the crypto exchange rushed to patch the bug, it discovered three accounts that had leveraged the flaw, stealing $3 million from Kraken’s account.


Kraken found that one of the three accounts was Know Your Customer (KYC) verified and used the bug to credit $4 to their account.


Kraken chief security officer Nick Percoco said that this would have been enough to prove the bug and claim the bounty, but the account allegedly then shared the flaw with two other accounts, with all three pocketing $3 million from the exchange in the days that followed.


When the crypto exchange asked the alleged “security researcher” to return the funds and collect its bounty after offering the required onchain proofs, the white hat hacker allegedly refused to entertain the request and asked for the bounty to be paid first. Although Kraken didn’t reveal the name of the security firm behind the “white hat” exploit, CertiK revealed that it was behind the Kraken exploit.


CertiK claimed that its employee who discovered the vulnerability was threatened to return the stolen funds, but did not receive a wallet address to send the funds to. Ronghui Gu, co-founder at CertiK, told Cointelegraph:“The verbal consensus reached during our meeting was not confirmed afterward. Ultimately, they [Kraken] publicly accused us of theft and even directly threatened our employees, which is completely unacceptable.”


CertiK reportedly sent the stolen funds to crypto mixing service Tornado Cash to avoid having them frozen by crypto exchanges. The move triggered much criticism from the crypto community, which questioned CertiK’s motive behind the “white hat” operation.


Related: Crypto phishing attacks reached ‘alarming levels’ — CertiK co-founderCrypto community calls out CertiK


The crypto community raised questions about why CertiK researchers moved millions of dollars worth of funds when a single transaction could have proven the vulnerability. Others reminded them that Tornado Cash is an Office of Foreign Assets Control (OFAC)-sanctioned tool, and using it could attract legal trouble for the security firm. Others questioned whether it planned to return the funds and why it sent them to Tornado Cash.Crypto community calls out CertiK. Source: X


A majority of the crypto community sided with Kraken on the issue and called out CertiK for its ruthless behavior. Many accused them of “stealing” and blackmailing Kraken for the bounty.Crypto community reaction to Kraken Certik saga. Source: X


Kraken told Cointelegraph that it is in touch with law enforcement agencies regarding the situation.


Update: This article will be updated with comments from Kraken and CertiK.


Magazine:Crypto audits and bug bounties are broken: Here’s how to fix them# Blockchain# Kraken# Cryptocurrencies# Hackers# Cybersecurity# Hacks# DeFi# RegulationAdd reaction

News Feed
Socialite Paris Hilton Backs $20 Million Strategic Investment in NFT Protocol Origyn
Socialite Paris Hilton Backs $20 Million Strategic Investment in NFT Protocol Origyn The non-fungible token (NFT) project the Origyn Foundation announced on Tuesday the team receiv
2021-11-24 13:30 PM
Ethereum Price Consolidates: Preparing for the Next Move Higher?
Este artículo también está disponible en español. Ethereum price is consolidating gains above the $2,580 resistance. ETH could gain pace if it clears the $2,650 resistanc
2024-10-18 12:28 PM
Turner Wright8 hours agoRep. Patrick McHenry blames White House for lack of urgency on stablecoin bill negotiationsRepublican leadership has blamed the Biden administration for not having a “sense of urgency” on stab
2023-07-28 01:00 AM
Turner Wright14 hours agoUS lawmaker calls for info from Treasury and SEC on crypto market structure billRep. Maxine Waters gave Janet Yellen and Gary Gensler a deadline of June 30 to respond to her requests on the “Di
2023-06-27 04:15 AM
Blockchain for Good Alliance launches at Blockchain Life Dubai
Tristan Greene4 hours agoBlockchain for Good Alliance launches at Blockchain Life DubaiThe alliance is joined by Bybit Web3, Solana Foundation, Aptos, Moledao, Harvard Blockchain Club, and numerous other organizations.50
2024-04-16 04:30 AM
Bybit introduces Indian digital rupee CBDC payment option
Derek Andersen5 hours agoBybit introduces Indian digital rupee CBDC payment optionThe use of the CBDC on the cryptocurrency exchange will enhance security and, it hopes, attract merchants.449 Total views15 Total sharesLi
2024-08-01 03:22 AM
Bitcoin Price To $130,000 By January, Here’s The Roadmap
Este artículo también está disponible en español. According to a technical analysis from analyst Xanrox, the Bitcoin price is on the road to reaching the $130,000 mark in
2024-10-17 06:00 AM
SEC pushes back decision on Grayscale Ether futures ETF
Ciaran Lyons7 hours agoSEC pushes back decision on Grayscale Ether futures ETFThe United States securities regulator has postponed its decision on approving Grayscale"s Ethereum Futures Trust ETF product until the end of
2024-03-23 10:55 AM
Ark Invest Expects Bitcoin to Exceed $1 Million by 2030 — Says BTC Could Transform Monetary History
Ark Invest Expects Bitcoin to Exceed $1 Million by 2030 — Says BTC Could Transform Monetary History Ark Investment Management (Ark Invest) has predicted that the price of bitcoin
2022-01-31 11:30 AM
Ana Paula Pereira6 hours agoCurve’s crvUSD depegs as market reacts to shock eventsThe decentralized stablecoin is facing its first stress test since it was released in May, putting its PegKeeper algorithm to work.2998
2023-08-04 02:30 AM
SEC Drops the Ball on Crypto Regulation and There Are Long-Term Consequences, Says Commissioner
SEC Drops the Ball on Crypto Regulation and There Are Long-Term Consequences, Says Commissioner A commissioner with the U.S. Securities and Exchange Commission (SEC) has warned tha
2022-05-27 09:30 AM
Web3 dev platform Mirror World launches first gaming rollup chain on Solana
Zhiyuan Sun8 hours agoWeb3 dev platform Mirror World launches first gaming rollup chain on SolanaThe software development kit allows Solana games to settle "millions of requests" during game sessions and settle
2024-03-30 01:00 AM