Farcaster

Kraken accused CertiK of extortion after withdrawing $3 million through exploit

The head of security at the Kraken crypto exchange, Nick Percoco, said that unknown persons discovered an exploit on the platform and withdrew $3 million from it.

CertiK experts took responsibility for these actions, noting that they were looking for a vulnerability. They said Kraken did not immediately respond to notification of the error, which could have resulted in “hundreds of millions of dollars” in damages.
“We asked for a full report on their activities, evidence of the discovered exploit, and to arrange for the return of the funds they withdrew. This is common practice for any Bug Bounty program. These security researchers refused,” Percoco emphasized.
Instead of the expected reward for bug hunting, CertiK demanded an amount comparable to the potential damage from the exploit, which Percoco called extortion.🪵 😮