🔐💰Crypto exchange Kraken recently faced a security scare! A security researcher discovered a critical bug that could artificially inflate the platform's balance. The flaw, linked to a recent UX update, allowed accounts to be credited before assets had cleared, enabling real-time crypto trading.

Three accounts exploited this vulnerability, withdrawing nearly $3M from Kraken's treasury. One account belonged to the researcher who reported the bug. Instead of accepting a reward through Kraken's Bug Bounty program, the researchers demanded an estimate of the potential financial impact if the bug had gone unreported.

Kraken's Chief Security Officer, Nick Percoco, labeled the incident as extortion, not white-hat hacking. He assured that no client assets were at risk and the matter is being treated as a criminal issue.

Kraken's Bug Bounty program, which acknowledged 22 reports in 2023, continues to play a vital role in securing user assets and maintaining trust in the crypto market.

What are your thoughts on this incident? Share in the comments! 💭👇