Former US President Donald Trump has revealed that JPMorgan CEO Jamie Dimon, a well-known skeptic of Bitcoin and cryptocurrencies, has apparently “changed his tune,” with the potential to win the role of Treasury Secretary in the scenario where the former president once again wins the seat in the Oval Office. Trump’s comments come as Treasury […]
Cryptocurrency exchange Kraken has announced that it has fallen victim to a major security flaw that has resulted in the theft of $3 million worth of digital assets. However, in a surprising turn of events, the party responsible has been identified as CertiK. This blockchain security firm claims to have initially reported the bug through Kraken’s bug bounty program. CertiK is now accused of exploiting additional vulnerabilities and extorting the exchange for more money, leading to calls for legal action and concerns among crypto investors. Kraken Security Flaws Exposed The incident unfolded when Kraken’s Chief Security Officer, Nick Percoco, revealed that the exchange had received a bug report on June 9 from a self-described security researcher. The researcher claimed to have discovered an “extremely critical” bug that allowed them to inflate their balance on the platform artificially. Upon further investigation, CertiK, which admitted its involvement in the incident in its social media post, uncovered several critical vulnerabilities in Kraken’s systems that could potentially result in losses of hundreds of millions of dollars. Related Reading: Whales Dump Over $1 Billion In Bitcoin: Fire Sale Or Foreshadowing? CertiK’s findings revealed shortcomings in Kraken’s deposit system, indicating a failure to differentiate between internal transfer statuses. Furthermore, CertiK’s testing revealed that Kraken failed all these tests, exposing the compromised state of Kraken’s defense-in-depth system. According to CertiK, “millions of dollars” could be deposited into any Kraken account, and a substantial amount of fabricated cryptocurrency (worth over $1 million) could be withdrawn and converted into valid digital assets. The security firm also claimed that no alerts were triggered during a “multi-day test period” and that Kraken only responded and blocked the test accounts days after the incident was officially reported. Following the identification of the vulnerability, CertiK alleges that Kraken’s security operations team “threatened” individual CertiK employees, demanding the repayment of a “mismatched” amount of cryptocurrency within an “unreasonable time frame,” without providing repayment addresses. However, Kraken’s Percoco countered that they had requested a full accounting of the then-unknown company’s activities and the return of the withdrawn funds. Percoco argued that CertiK’s refusal to comply with these requests violated the rules of ethical hacking and bordered on extortion. Will CertiK Face Legal Repercussions? The revelation of this incident has raised surprise and concerns within the cryptocurrency community, leading to calls for legal action against CertiK. One user accused CertiK of stealing the $3 million funds from Kraken, holding it ransom for a bounty, refusing to return the funds, and now transferring the money to Tornado.cash to protect it from potential seizure by authorities. Coinbase’s Director, Conor Grogan, pointed out that Tornado.cash is subject to the Office of Foreign Assets Control (OFAC) sanctions and highlighted CertiK’s US domicile, hinting at potential legal repercussions by US agencies. Market expert Adam Cochran also weighed in, astonished at CertiK’s actions and highlighting the firm’s history of compromised audits. Cochran went further to describe the situation as “Down right criminal.” Related Reading: Bitcoin Takes Control In Market Meltdown, Dominance Climbs To 9-Week Peak The next steps taken by Kraken and potential consequences for CertiK are yet to be seen. However, the involvement of US agencies and potential legal actions loom over the security firm. The unfolding developments in this case will undoubtedly shape the future of bug bounty programs and impact the relationship between cryptocurrency exchanges and security firms. Featured image from Shutterstock, chart from TradingView.com
Terraform Labs, the company at the center of a significant collapse in 2022, has agreed to pay a substantial settlement of $4.47 billion to resolve a civil lawsuit filed by the US Securities and Exchange Commission (SEC). This legal action was undertaken following the collapse, which resulted in the loss of $40 billion in investor […]
In a significant departure from their previous skeptical stance, US regulators are reportedly leaning toward approving the long-awaited spot Ethereum ETFs for the second-largest cryptocurrency by market capitalization. SEC Staff Signals Spot Ethereum ETFs Approval According to a report by Barron’s, the US Securities and Exchange Commission (SEC) staff communicated to exchanges on Monday that […]
In a significant development within the cryptocurrency community, Roger Ver, an early investor in Bitcoin, has been indicted by the US Department of Justice (DOJ) on multiple charges, including mail fraud, tax evasion, and filing false tax returns. Related Reading: Binance Founder CZ’s Trial Begins Today: Lawyers Discuss Potential Prison Time Roger Ver’s Alleged Tax […]
In a major development, the co-founders of Samourai Wallet, Keonne Rodriguez, and William Lonergan Hill, were arrested by US authorities on charges of operating an unlicensed money-transmitting business and conspiracy to commit money laundering. The duo allegedly facilitated the laundering of over $100 million in criminal proceeds, including funds originating from the Silk Road and […]
In a significant development that highlights the Securities and Exchange Commission’s (SEC) increasing regulatory actions against the cryptocurrency industry, Uniswap Labs, the software development company behind the Uniswap decentralized exchange (DEX), recently received a Wells Notice from the SEC. A Wells notice is a formal communication issued by the US SEC to individuals or entities […]
In a highly anticipated judgment with significant implications for the crypto industry’s legal battles against regulators in the United States, the court overseeing the Coinbase and US Securities and Exchange Commission (SEC) legal battle has delivered a ruling. The court found against the crypto firm, supporting the SEC’s claims that the platform operated as an […]
In a significant development, federal prosecutors in the United States have charged cryptocurrency exchange KuCoin and two of its founders with violating anti-money laundering (AML) laws. Founders Face DOJ Charges The US Department of Justice (DOJ) unsealed an indictment against KuCoin and its founders, Chun Gan (also known as “Michael”) and Ke Tang (also known […]
The Ethereum Foundation (EF) has come under investigation by an undisclosed “state authority,”. As per a commit message on GitHub, the EF received a “voluntary inquiry” from the authority, accompanied by a confidentiality requirement. The details and scope of the investigation remain undisclosed, leading to speculation and uncertainty within the Ethereum community. However, this is […]