🔥 Certik and Kraken Clash Over Platform Vulnerability and $3M Bug Exploitation! 🔥
In a heated dispute, Kraken and Certik are butting heads over a critical platform vulnerability that might involve financial losses and accusations of theft. The controversy has both sides pointing fingers and leveling serious charges.
#Certik , in a post today, June 20, 2024, denies Kraken’s claims, insisting they were conducting a "white hat" operation. They argue that no user assets were involved and that the cryptocurrencies used were created out of thin air. They also maintain they were in constant communication with Kraken.
The dispute kicked off on June 9, according to Kraken’s Chief Security Officer Nick Percoco. On June 19, Percoco detailed Kraken’s side of the story, revealing they received a bug bounty alert about a flaw that could let attackers "print assets" in Kraken accounts. Although Kraken resolved the issue quickly, they found $3 million had been withdrawn. One of the exploiting accounts was KYC-verified and linked to the entity that flagged the issue.
#Percoco stated that Kraken sought a full account of activities from the entity, which refused to cooperate, prompting them to involve law enforcement.
Certik then identified themselves as the entity that reported the bug and withdrew funds using the flaw. They claimed Kraken responded late and even threatened their employees. Certik also accused Kraken of demanding an "UNREASONABLE" repayment amount without providing repayment addresses.
Certik says it returned $2.8 million, while Kraken demands $2.882 million. Certik describes their actions as a “white hat operation” and shared a detailed timeline of events. They emphasized they never asked for a bounty, contrary to Kraken’s claims, and urged Kraken to cease any threats.
As of now, Kraken has not released an official statement. Stay tuned for more updates! 🌐💥
