Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
  • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Podcasts
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Podcasts
Follow US
© 2026 By Crypto Times. All Rights Reserved.
DeFi News

Kraken Hit by Extortion After Hackers Exploit $3 Million Bug

Kraken swiftly resolved the issue, ensuring no impact on user funds, but raised serious concerns.

Written By Dishita Malvania Dishita Malvania
Published June 19, 2024 10:03 PM·Updated 2 years ago
Make The Crypto Times preferred on GoogleGoogle
Share
Kraken Hit by Extortion After Hackers Exploit $3 Million Bug

Crypto exchange Kraken recently faced a challenging situation involving security researchers who allegedly crossed the line into extortion. Nick Percoco, Kraken’s Chief Security Officer, detailed the incident on social media platform X.

According to Percoco, on June 9, Kraken received a report from a security researcher about a vulnerability that allowed users to artificially inflate their account balances. This flaw enabled a malicious attacker to initiate deposits and receive funds without completing the process.

Kraken Security Update:

On June 9 2024, we received a Bug Bounty program alert from a security researcher. No specifics were initially disclosed, but their email claimed to find an “extremely critical” bug that allowed them to artificially inflate their balance on our platform.

— Nick Percoco (@c7five) June 19, 2024

Kraken promptly fixed the issue, ensuring no user funds were affected. However, the aftermath of the report raised serious concerns.

Kraken found that the individual who discovered the bug had leveraged it to credit their account with $4 in crypto. his would have been sufficient to prove the flaw, file a bug bounty report with them, and collect a reward.

Instead of contacting Kraken immediately, the security researcher reportedly shared the vulnerability with two other individuals. 

These individuals then exploited the flaw, withdrawing nearly $3 million from Kraken’s treasury, not from other clients’ assets. The initial bug report did not mention these fraudulent transactions, and when Kraken sought further details, the researchers refused to cooperate.

Instead, they demanded a meeting with Kraken’s business development team and declined to return the funds until Kraken speculated on the potential financial impact of the bug if it had gone undisclosed. Percoco labeled this demand as extortion rather than ethical hacking.

Bug bounty programs, like those run by Kraken and its competitor Coinbase, are designed to incentivize third-party hackers, known as “white hats,” to find and report vulnerabilities responsibly. These programs typically require hackers to exploit the minimum amount necessary to prove the bug, return any assets obtained, and provide detailed information about the vulnerability.

Kraken’s resilience shines amid recent challenges. Kraken’s Chief Security Officer, Nick Percoco, shared “We’ll not disclose this research company because they don’t deserve recognition for their actions. We are treating this as a criminal case and are coordinating with law enforcement agencies accordingly. We’re thankful this issue was reported, but that’s where that thought ends.”

Also Read: Indian Hacker Loses 1,112 ETH in London Machete Robbery

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link

Latest News

Demo Live
Prediction Market Fight May Reach Supreme Court CFTC Chair Selig
Prediction Market Fight May Reach Supreme Court: CFTC Chair Selig
Anchorage Bets Big on AI Economy With New Banking Model
Anchorage Bets Big on AI Economy With New Banking Model
Tapnob Rolls Out Crypto-to-Naira Payment Platform in Nigeria
Tapnob Rolls Out Crypto-to-Naira Payment Platform in Nigeria
Clarity Act on Fast Track Senator Moreno Sets July 4 Deadline
Clarity Act on Fast Track? Senator Moreno Sets July 4 Deadline

Find Us on Socials

You may also like

Aave Files Motion to Unfreeze $71M ETH Tied to KelpDAO Exploit

Aave Files Motion to Unfreeze $71M ETH Tied to KelpDAO Exploit

Wasabi Protocol Update EVM Breach Triggers Lockdown and Probe

Wasabi Protocol Update: EVM Breach Triggers Lockdown and Probe

Solana Bot Turns 23 Cents Into $696K in Arb Trade After ANB Token Crashes

Solana Bot Turns 23 Cents Into $696K in Arb Trade After ANB Token Crashes

Aptos-Based Tapp Exchange Shutdown Raises Fresh DeFi Stability Concerns

Aptos-Based Tapp Exchange Shutdown Raises Fresh DeFi Stability Concerns

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Podcasts

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information