Fun

Kraken recovers $3 million from CertiK, ending bug bounty saga

News Feed - 2024-06-20 11:06:31

Zoltan Vardai9 hours agoKraken recovers $3 million from CertiK, ending bug bounty sagaCertiK has returned the funds to the Kraken exchange, putting a happy end to the bug bounty-related saga.1714 Total views1 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksCryptocurrency exchange Kraken has recovered missing funds following a high-profile bug bounty exploit fiasco. 


Kraken confirmed the return of the stolen digital assets worth nearly $3 million, putting an end to the Kraken-CertiK saga that started on June 9.


The recovery of the funds, minus transaction fees, was confirmed by Nicholas Percoco, chief security officer of Kraken, in a June 20 X post:“Update: We can now confirm the funds have been returned (minus a small amount lost to fees).”


Kraken’s CSO first announced the $3 million worth of missing funds on June 19, when he claimed that a “security researcher” maliciously withdrew them from the treasury after discovering and sharing an existing bug.


Kraken claimed that it was extorted by the security researcher, who was refusing to return the funds, demanding a reward and a call with the exchange’s business development team.


Related:Nomura crypto arm Laser Digital bags Abu Dhabi licenseCertiK’s side of the story


Shortly after Kraken’s post about the missing funds, blockchain security firm CertiK publicly identified itself as the “security researcher” that Kraken claimed stole $3 million of digital assets.


In a June 19 X post, CertiK said it had informed Kraken of an exploit that allowed it to remove millions of dollars from the exchange’s accounts. CertiK also claimed to have been threatened by the exchange’s team:“After initial successful conversions on identifying and fixing the vulnerability, Kraken’s security operation team has THREATENED individual CertiK employees to repay a MISMATCHED amount of crypto in an UNREASONABLE time even WITHOUT providing repayment addresses.”


The security firm posted a timeline of events, starting with identifying the exploit on June 5 and ending with claims Kraken threatened a CertiK employee on June 18. In a statement to Cointelegraph, CertiK said it planned to transfer the funds “to an account that Kraken will be able to access.”Bug bounty saga timeline. Source: CertiK


Related:Bitcoin ETFs legitimized the crypto industry for investors — Storm PartnersWhy did CertiK withdraw nearly $3 million?


Kraken’s Percoco initially said that the first malicious transfer, worth just $4, would have been sufficient to prove the bug and collect “sizable rewards” from Karken’s bounty program.


However, the security researcher, which was later disclosed as CertiK, had minted nearly $3 million into their Kraken accounts.


In a post following the return of the $3 million, CertiK said that the multimillion-dollar sum was necessary to test the limits of the exchange:“We want to test the limit of Kraken’s protection and risk controls. After multiple tests across multiple days and close to $3 million worth of crypto, no alerts were triggered and we still haven’t figured out the limit.”


Moreover, CertiK claims that it didn’t initially request a bounty, but it was something mentioned by the exchange:“We never mentioned any bounty request. It was Kraken who first mentioned their bounty to us, while we responded that the bounty was not the priority topic and we wanted to make sure the issue was fixed.”


CertiK added that no Kraken user funds were endangered since the exploited funds were “minted out of air.”


Magazine:Ethereum’s recent pullback could be a gift: Dynamo DeFi, X Hall of Flame# Kraken# Altcoin# Business# Hackers# Cryptocurrency Exchange# Cybersecurity# Hacks# DeFiAdd reaction

News Feed

US Inflation Skyrockets, 64% of Americans Live Paycheck to Paycheck, S&P 500 Chart Shows Death Cross Imminent
US Inflation Skyrockets, 64% of Americans Live Paycheck to Paycheck, S&P 500 Chart Shows Death Cross Imminent Inflation continues to rear its ugly head in the lives of Americans, a
Tuttle Capital Files For 10 Leveraged Crypto ETFs Including TRUMP And Cardano
Tuttle Capital Management (TCM) has filed for ten different leveraged crypto ETFs in the United States, signaling an increasing interest from asset managers in leveraging cryptocurrencies and memecoins as viable investme
Phoenix and Wasabi exit US market amid self-custody wallet crackdown
Ciaran Lyons8 hours agoPhoenix and Wasabi exit US market amid self-custody wallet crackdownRecent regulatory action against Consensys and Samourai has instilled fear among other crypto service providers operating in the
Dvision Network 2nd LAND Sale to Be Held on OpenSea and Their Native Marketplace
Dvision Network 2nd LAND Sale to Be Held on OpenSea and Their Native Marketplace press release PRESS RELEASE. Not too long ago, Dvision Network had successfully initiated their LAND
Base set for ‘material share’ of SocialFi activity: Franklin Templeton
Brayden Lindrea4 minutes agoBase set for ‘material share’ of SocialFi activity: Franklin TempletonBase is already home to 46% of transactions related to SocialFi on-chain, but the asset manager says it has even more
Dogecoin ETFs Will Skyrocket Price To $15, Forecasts Analyst
Este artículo también está disponible en español. Following Bitwise’s and Rex Shares’ recent application for spot Dogecoin ETFs in the United States, crypto analyst A
Nigerian Crypto Payment Gateway Fluidcoins Acquired by Seychelles-Based Crypto Exchange
Nigerian Crypto Payment Gateway Fluidcoins Acquired by Seychelles-Based Crypto Exchange The Nigerian crypto payment gateway Fluidcoins was recently bought for an undisclosed sum by
What to expect at Changpeng Zhao’s sentencing on April 30
Turner Wright1 hour agoWhat to expect at Changpeng Zhao’s sentencing on April 30Former FTX CEO Sam Bankman-Fried received a 25-year sentence after his conviction on seven felony counts, and many are speculating on what
Crypto Lender Nexo Terminates Interest Payments on New Deposits From US Clients
Crypto Lender Nexo Terminates Interest Payments on New Deposits From US Clients Following the U.S. Securities and Exchange Commission (SEC) charging the crypto lending platform Blo
Turner Wright4 hours agoUK government moves forward on bill aimed at empowering authorities to seize cryptoFollowing a third reading in the House of Lords, the Economic Crime and Corporate Transparency Bill will return t
Antier Solutions’ Crypto Exchange Script Solutions Helping Businesses to Reduce Their Time-to-Market by 50%
Antier Solutions’ Crypto Exchange Script Solutions Helping Businesses to Reduce Their Time-to-Market by 50% press release PRESS RELEASE. Antier Solutions, a blo
XRP Daily RSI Trendline Breaks Down – What It Means For Price
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu