tl;dr
Kraken, a major cryptocurrency exchange, faced a $3 million security breach and extortion attempt, emphasizing the importance of ethical security research practices.
Kraken's security team, led by Chief Security Officer Nick Percoco, responded to a bug bounty report, discovering a vulnerability that led to the unlawful withdrawal of funds.
The security loophole was rectified within two hours, stemming from a recent update intended to enhance user experience but inadvertently creating a vulnerability.
Following the breach, Kraken reinforced its policies and highlighted the critical nature of adhering to ethical guidelines in bug bounty programs.
Despite the breach, Kraken remains dedicated to its bug bounty program and has implemented stricter testing protocols to enhance security.
Kraken, a major cryptocurrency exchange, recently experienced a security breach and potential extortion attempt after a bug bounty report led to a demand for money. The breach involved the exploitation of a flaw to inflate account balances, resulting in the unlawful withdrawal of nearly $3 million. Chief Security Officer Nick Percoco led the response, rectifying the loophole within two hours of detection. The incident prompted an investigation involving law enforcement and emphasized the importance of adhering to ethical practices in security research. Kraken reinforced its policies, stressing the need for responsible vulnerability disclosure and the prompt return of unauthorized funds in bug bounty programs. Despite the breach, Kraken remains committed to its bug bounty program and has implemented stricter testing protocols to enhance security.

Kraken, a major cryptocurrency exchange, recently managed a security breach and potential extortion attempt after a supposed bug bounty report became a demand for money. Chief Security Officer Nick Percoco outlined the events, noting a flaw was exploited to inflate account balances artificially. This incident has prompted an investigation involving law enforcement and emphasized the importance of adhering to ethical practices in security research.

KRAKEN RESPONDS TO $3 MILLION SECURITY BREACH

Upon receiving a bug bounty report on June 9, 2024, Kraken’s security team, led by Percoco, sprung into action. They quickly discovered that the vulnerability had already been exploited, leading to the unlawful withdrawal of nearly $3 million from the exchange’s reserves. Although initially an act attributed to a security researcher—who claimed a mere $4 to demonstrate the flaw—the situation escalated when it was revealed that this individual had shared the bug with accomplices who extracted much more significant amounts.

> Kraken Security Update:
> On June 9 2024, we received a Bug Bounty program alert from a security researcher. No specifics were initially disclosed, but their email claimed to find an “extremely critical” bug that allowed them to artificially inflate their balance on our platform.
> — Nick Percoco (@c7five) June 19, 2024
Kraken’s team rectified the security loophole within two hours of detection. The bug originated from a recent update intended to enhance the user experience by allowing immediate trading before thoroughly verifying deposited funds. However, this change inadvertently created a vulnerability. Percoco stressed that no client assets were at risk at any time, as the flaw only allowed the inflating of balances within the perpetrators’ accounts.

KRAKEN REINFORCES POLICIES AFTER SECURITY BREACH

Following the discovery, the perpetrators refused to cooperate with Kraken’s investigation, demanding to speak with the business development team, a move Percoco labeled as extortion. This incident has highlighted the critical nature of following ethical guidelines in bug bounty programs. Kraken’s longstanding policy is clear: researchers must not exploit vulnerabilities beyond what is necessary to prove their existence and should promptly return any unauthorized funds.

Kraken has a nearly decade-long history of operating its bug bounty program, designed to encourage white-hat hackers to help identify and fix security gaps responsibly. This program has functioned