image credit: Pexels

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw

June 19, 2024

Crypto exchange Kraken revealed that an unnamed security researcher exploited an “extremely critical” zero-day flaw in its platform to steal $3 million in digital assets and refused to return them.

Details of the incident were shared by Kraken’s Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert from the researcher about a bug that “allowed them to artificially inflate their balance on our platform” without sharing any other details

Within minutes of receiving the alert, the company said it identified a security issue that essentially permitted an attacker to “initiate a deposit onto our platform and receive funds in their account without fully completing the deposit.”

Read More on The Hacker News