BTW.Media
Strategic Internet IntelligenceMay 12, 2026
Sign InRegister

Trends

Kraken reports nearly $3M bug-related exploit

OUR TAKE This incident not only has an impact on Kraken’s reputation, but also serves as a reminder that the entire cryptocurrency industry must continually improve its security safeguards in response to increasingly sophisticated and sophisticated cyberattacks and fraud. In the future, it will be a…

Kraken-reports-nearly-$3M-bug-related-exploit
AuthorRevel Cheng
Reading Time2 min
PublishedJune 20, 2024
Primary DomainN/A
Content TypeN/A
TopicN/A
EntityN/A
RegionN/A
Time HorizonN/A
ImpactN/A
ConfidenceN/A

Headline

OUR TAKE This incident not only has an impact on Kraken’s reputation, but also serves as a reminder that the entire cryptocurrency industry must continually improve its security safeguards in response to increasingly sophisticated and sophisticated cyberattacks and fraud. In the…

Context

OUR TAKE This incident not only has an impact on Kraken’s reputation, but also serves as a reminder that the entire cryptocurrency industry must continually improve its security safeguards in response to increasingly sophisticated and sophisticated cyberattacks and fraud. In the future, it will be a crucial challenge and responsibilities for cryptocurrency exchanges to ensure the safety of funds and the protection of customer data. –Revel Cheng, BTW reporter Cryptocurrency trading platform Kraken has reported an exploit less than a fortnight ago that saw it lose almost $3 million in a bug-related attack.

Evidence

Pending intelligence enrichment.

Analysis

Kraken revealed a bug attack on June 9, which saw the bad actor make away with nearly $3 million. Based on the report shared by Kraken Chief Security Officer Nick Percoco, the exchange received a bug bounty program alert. The CSO noted that a further probe revealed an isolated bug that gave the bad actor unmerited privileges. Specifically, they could initiate a deposit on Kraken Exchange and receive funds in their account even though they had not fully completed the deposit. A security researcher discovered a bug in Kraken’s funding system and credited their account with $4 in cryptocurrency. This amount was enough to demonstrate the flaw and file a bug bounty report, which would have earned a significant reward under Kraken’s program. Instead, the researcher shared the bug with two colleagues, who exploited it to generate much larger sums fraudulently. This collusion led to a loss of nearly $3 million, taken from Kraken’s treasuries rather than client assets.

Key Points

  • Kraken suffered a bug attack that resulted in it losing almost $3 million less than two weeks ago.
  • Anyone could initiate a deposit to the platform and receive the funds without completing it.

Actions

Pending intelligence enrichment.

Author

Revel Cheng (r.cheng@btw.media)· author profile pending