bitcoin
Bitcoin (BTC) $ 69,763.69
ethereum
Ethereum (ETH) $ 2,435.70
tether
Tether (USDT) $ 0.999965
bnb
BNB (BNB) $ 566.61
usd-coin
USDC (USDC) $ 0.999982
xrp
XRP (XRP) $ 0.515039
binance-usd
BUSD (BUSD) $ 0.99825
dogecoin
Dogecoin (DOGE) $ 0.172175
cardano
Cardano (ADA) $ 0.334805
solana
Solana (SOL) $ 167.21
matic-network
Polygon (MATIC) $ 0.305082
polkadot
Polkadot (DOT) $ 3.87
tron
TRON (TRX) $ 0.160415
bitcoin
Bitcoin (BTC) $ 69,763.69
ethereum
Ethereum (ETH) $ 2,435.70
tether
Tether (USDT) $ 0.999965
bnb
BNB (BNB) $ 566.61
usd-coin
USDC (USDC) $ 0.999982
xrp
XRP (XRP) $ 0.515039
binance-usd
BUSD (BUSD) $ 0.99825
dogecoin
Dogecoin (DOGE) $ 0.172175
cardano
Cardano (ADA) $ 0.334805
solana
Solana (SOL) $ 167.21
matic-network
Polygon (MATIC) $ 0.305082
polkadot
Polkadot (DOT) $ 3.87
tron
TRON (TRX) $ 0.160415
More

    Kraken patches “remoted bug”, says no person funds stolen

    Latest News


    • Kraken says it patched a bug that may have allowed exploiters to inflate account balances
    • Bug found by a safety researcher, whose linked accounts reportedly siphoned $3 million from Kraken treasury by exploiting the vulnerability.

    Kraken has introduced that its safety workforce has patched a bug that may have allowed sure customers to probably inflate their account balances on the change.

    The announcement follows Kraken’s revelation {that a} safety researcher had recognized the vulnerability as a part of the change’s bug bounty program.

    “On June 9 2024, we acquired a Bug Bounty program alert from a safety researcher. No specifics had been initially disclosed, however their electronic mail claimed to seek out an “extraordinarily vital” bug that allowed them to artificially inflate their steadiness on our platform,” Kraken chief safety officer Nick Percoco posted on X.

    $3 million stolen, not person funds

    Particularly, the flaw would have allowed sure customers, albeit a brief time frame, to “artificially enhance the worth of their Kraken account steadiness with out totally finishing a deposit,” the change mentioned in a weblog publish.

    Kraken has since patched this bug in its deposit and funding system and famous that it didn’t influence any buyer funds.

    Nevertheless, whereas the change has fastened the remoted bug, the report got here after two customers had already exploited the vulnerability to withdraw $3 million from their accounts. These accounts are reportedly associated to the identical safety researcher that recognized the bug and knowledgeable Kraken.

    See also  Radius raises $1.7M in pre-seed funding to develop a trustless shared sequencing layer

    Allegedly, the unnamed particular person knowledgeable Kraken of the bug after the $3 million withdrawal.

    In accordance with Percoco, regardless of the large withdrawal, the safety researcher has demanded that they get his bounty reward.

    “We’ll not disclose this analysis firm as a result of they don’t deserve recognition for his or her actions. We’re treating this as a prison case and are coordinating with regulation enforcement businesses accordingly. We’re grateful this subject was reported, however that’s the place that thought ends,” Percoco added.

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Hot Topics

    Related Articles