Bittime - The security of the crypto asset trading platform has been compromised again. This time, Kraken, one of the world's largest crypto exchanges, became the victim of individuals who exploited security holes for personal gain.
Kraken Hack Starts June 9
The chronology begins on June 9, 2024. Nick Percoco, Kraken's Head of Security, via social media X (formerly known as Twitter), revealed that his party received reports through the Bug Bounty program.
Check Today's Crypto Market:
The report, which did not provide specific details, said there was a "very critical" vulnerability that could potentially be exploited to top up users' balances illegally.
Also read: Kraken Plans to Remove USDT Tether from the European Union Market
Kraken's internal investigation revealed that the loophole did exist. This vulnerability allows criminals to receive funds in their accounts without completing the full deposit process.
This is due to a recent user interface (UX) update that allows accounts to be credited before assets are fully received. This UX change, unfortunately, has not been thoroughly tested to anticipate potential attacks.
Worse yet, an in-depth investigation found three accounts had exploited this loophole in a short period of time. One of them was identified as the security researcher who first reported the bug.
The "security researcher" was not alone. He shared details of this security hole with two colleagues. These three accounts managed to withdraw almost $3 million (around Rp. 49.2 billion) from the Kraken account, which came from company funds and not from customer assets.
Also Read How to Buy Crypto:
Kraken Intends to Give Bug Bounty Awards
Initially, Kraken intended to reward them according to the Bug Bounty program. However, these "security researchers" refused to return the funds taken. They asked Kraken to estimate the potential financial loss if the security flaw was not reported.
Also read: Understanding Crypto Exchanges in Canada
Nick Percoco emphasized that this action was considered extortion, not ethical "white-hat hacking" activity. He did not name the research firm involved, but stated that Kraken considers this a criminal act and will cooperate with the authorities.
What needs to be underlined is that no customer assets are threatened. This security flaw allows criminals to temporarily “print” fictitious assets in their accounts.
Kraken Bug Bounty Program: Protects Users and Rewards Reporting
As a well-known crypto exchange, Kraken offers trading of crypto assets with fiat assets, as well as derivatives and futures trading services. According to CoinMarketCap, Kraken is ranked sixth in global crypto exchanges, with an average daily trading volume of around $741 million (around IDR 12.1 trillion).
The Bug Bounty program itself is a Kraken initiative to ensure user security in the crypto market. The program guarantees that it will not take legal action against security researchers who comply with their policies.
Check Crypto Prices Today:
Incoming reports will be evaluated and rewarded in the form of Bitcoin (BTC) depending on the severity of the security holes found. Throughout 2023, this program has received 461 reports and awarded awards for 22 of them.
How to Buy Crypto on Bittime
You can buy and sell crypto assets in an easy and safe way via Bittime. Bittime is one of the best crypto applications in Indonesia which is officially registered with Bappebti.
To be able to buy crypto assets on Bittime, make sure you have registered and completed identity verification. Apart from that, also make sure that you have sufficient balance by depositing some funds into your wallet. For your information, the minimum purchase of assets on Bittime is IDR 10,000. After that, you can purchase crypto assets in the application.
Learn Complete Guide How to Buy Crypto on Bittime.
Monitor price chart movements of Bitcoin (BTC), Ethereum (ETH), Solana (SOL) and other cryptos to find out today's crypto market trends in real-time on Bittime.
Also read:
Floki Inu Prices Fly After Kraken Introduces Perpetual Futures Trading for FLOKI
Earn Passive Profits! Complete Guide to BTC Staking that You Need to Know
What is a Centralized Exchange (CEX)?
Wormhole (W) Comes to Kraken, Trading Opens April 3!
DISCLAIMER: This article is informational in nature and is not an offer or invitation to sell or buy any crypto assets. Trading crypto assets is a high-risk activity. Crypto asset prices are volatile, where prices can change significantly from time to time and Bittime is not responsible for changes in fluctuations in crypto asset exchange rates.
Comments
0 comments
Please sign in to leave a comment.