As part of our ongoing commitment to enhance the overall security of the crypto ecosystem, we’re informing the crypto community that we have patched an isolated bug in our deposit and funding systems. No client assets were impacted or vulnerable leading up to this disclosure. Kraken has fixed the bug. 

The bug was initially discovered by a third-party security research company who had exploited the flaw for financial gain before reporting it to Kraken’s Bug Bounty program. This flaw allowed certain users, for a short period of time, to artificially increase the value of their Kraken account balance without fully completing a deposit.

On discovery, a cross-functional effort at Kraken mitigated the issue in less than an hour. We then thoroughly tested the solution to guard against similar issues in the future. 

Unfortunately, the third-party researchers that discovered the bug acted in bad faith and outside the rules of our

Keep reading this article on

Leave a Reply