top of page
Writer's picturemeowdini

Kraken Faces Extortion Over $3 Million Security Bug Exploit

Updated: Jun 27

Kraken reveals a $3 million theft by a "security researcher" who exploited a bug and is now demanding a reward. The exchange emphasizes this as extortion, not ethical hacking.

Cryptocurrency exchange Kraken is embroiled in a controversy involving a "security researcher" who exploited a bug to withdraw $3 million worth of digital assets. The incident has raised questions about the boundaries between ethical hacking and extortion.


 Hacker looking at a laptop screen as the cryptocurrency exchange faces extortion over a $3 million bug exploit.
Kraken labels $3 million bug exploit as extortion, not ethical hacking.

Key Points:


  • Bug Discovery and Exploit: An anonymous security researcher discovered a critical bug in Kraken's system, leading to the unauthorized withdrawal of over $3 million.


  • Extortion Claims: Kraken's Chief Security Officer, Nicholas Percoco, stated that the researcher demanded a reward for the stolen funds, labeling the act as extortion rather than ethical hacking.


  • No User Funds Endangered: Kraken confirmed that the stolen assets were from the exchange’s treasury, assuring that no user funds were compromised.


  • Law Enforcement Involvement: Kraken is collaborating with law enforcement agencies to recover the stolen assets and holds firm on not rewarding the extortionists.


  • Ongoing Security Measures: Despite the setback, Kraken continues to prioritize its bug bounty programs to enhance security and prevent future incidents.



Kraken's encounter with a rogue security researcher highlights the delicate balance between recognizing ethical contributions and dealing with malicious exploits. As the exchange works to recover the stolen funds, it reaffirms its commitment to robust security measures and transparency.



Comments


bottom of page