In a surprising turn of events, Certik, a cybersecurity firm, has returned $3 million to cryptocurrency exchange Kraken. The return follows a controversy in which Certik was accused of holding the funds “hostage” after discovering a critical bug on Kraken’s platform.
Return of Funds
Kraken’s Chief Security Officer, Nick Percoco, confirmed the return of the funds, stating, “Update: We can now confirm the funds have been returned (minus a small amount lost to fees).”
Certik announced their actions in a Q&A post on X, clarifying that they did not steal any funds but instead “minted cryptos out of thin air.” The firm emphasized that Kraken requested more funds than Certik withheld.
According to Certik, they returned:
- 734 ETH ($2.5 million)
- $29,000 USDT
- 1021 XMR ($174,000)
Meanwhile, Kraken had requested:
- 155,818 MATIC ($91,000)
- $907,000 USDT
- 475 ETH ($1.66 million)
- 1,089 XMR ($184,000)
The Controversy
The controversy began on Wednesday when Kraken alleged that Certik had drained and withheld $3 million from their platform after discovering a critical vulnerability on June 9. Certik responded with counter-allegations, claiming the exchange was threatening Certik employees.
Nick Percoco explained that the bug bounty report filed on June 9 revealed how malicious actors could initiate a deposit onto Kraken’s platform and receive funds without fully completing the deposit, effectively allowing them to “print” assets on the exchange.
Certik confirmed their involvement in the bug bounty report and admitted to conducting dozens of “test” transactions on the exchange.
Breakdown of Events
- June 9: Certik discovers a critical vulnerability on Kraken’s platform and files a bug bounty report.
- Allegations: Kraken alleges Certik drained and withheld $3 million after discovering the bug.
- Counter-claims: Certik claims they did not steal funds but rather “minted cryptos out of thin air,” and accuses Kraken of threatening Certik employees.
- Return of Funds: Certik returns $3 million to Kraken, minus a small amount lost to fees.
Impact on Both Firms
This controversy has highlighted the complexities and potential conflicts in the relationship between cybersecurity firms and cryptocurrency exchanges. While bug bounty programs are essential for identifying vulnerabilities, the manner in which these discoveries are handled can lead to significant disputes.
Kraken’s prompt response to the issue and Certik’s eventual return of the funds demonstrate a commitment to resolving the situation, but the public quarrel has undoubtedly caused reputational damage to both parties.