When Ya Try To Do A Nice Thing…
TL;DR
-
An ‘moral hacker’ discovered a bug in Kraken’s code, and earlier than reporting it, stole $3M – now they’re asking for much more.
Full Story
There’s nothing worse than attempting to do the suitable factor, after which getting taken benefit of.
Take Erik from Season 16 of Survivor who gave up his immunity necklace, solely to be voted out of the sport minutes later.
(We’re big Survivor followers! Don’t @ us).
Questioning how this all pertains to crypto?
The crypto alternate, Kraken, simply suffered from an identical destiny to Erik.
As most exchanges do, Kraken gives a bounty program.
(I.e. a means for ‘moral hackers’ to seek out bugs and be paid to inform the alternate about them, earlier than the alternate will get exploited).
However, an nameless self-proclaimed ‘safety researcher’ not too long ago discovered a vital safety bug and alerted the cryptocurrency alternate…after exploiting the bug for $3M.
The place a typical bounty program might pay tens and even a whole lot of hundreds of {dollars} for locating a bug, $3M just isn’t even throughout the ballpark for Kraken.
In Nicholas Percoco, Chief Safety Officer of Kraken’s phrases: “That is extortion!”
The excellent news is that the safety workforce at Kraken have now fastened the bug; and apparently no customers’ funds had been accessed or stolen (the $3M was from Kraken’s treasury fund).
All we are able to say is, to the ‘safety researcher’ on the market: c’mon – do the suitable factor and return these funds! The tribe has spoken.
(Too far? Yeah ok).