Blockchain security firm CertiK has publicly identified itself as the “security researcher” that cryptocurrency exchange Kraken accused of stealing $3 million worth of digital assets.
On June 19, CertiK announced via X that it had informed Kraken about an exploit that enabled it to withdraw millions of dollars from the exchange’s accounts.
Kraken’s chief security officer, Nicholas Percoco, had previously claimed that an unnamed security team had committed “extortion” by refusing to return the funds until Kraken agreed to provide a significant sum for the disclosure of the bug.
“After initial successful conversations on identifying and fixing the vulnerability, Kraken’s security operation team has THREATENED individual CertiK employees to repay a MISMATCHED amount of crypto in an UNREASONABLE time even WITHOUT providing repayment addresses,” stated CertiK.
“In the spirit of transparency and our commitment to the Web3 community, we are going public to protect all users’ security. We urge [Kraken] to cease any threats against whitehat hackers.”
CertiK released a timeline of events, beginning with identifying the exploit on June 5 and ending with claims that Kraken threatened a CertiK employee on June 18.
CertiK told Cointelegraph that it planned to transfer the funds “to an account that Kraken will be able to access.”
Many in the crypto community initially sided with Kraken, suggesting that CertiK’s actions did not align with typical white hat hacker behavior.
READ MORE: Ether Surges Above $3,500 as SEC Ends Ethereum 2.0 Investigation
It remains uncertain whether Kraken has grounds for legal action.
In April, CertiK reported that approximately $1 billion in digital assets had been lost to illicit activity in 2023.
The firm has a history of identifying vulnerabilities, including issues with the Wormhole bridge on Aptos and the Telegram app.
CertiK’s decision to go public reflects its commitment to transparency and the security of the Web3 community.
The firm’s actions aim to protect users and uphold ethical standards within the industry.
As this situation unfolds, the crypto world watches closely, awaiting further developments and possible resolutions.
To submit a crypto press release (PR), send an email to sales@cryptointelligence.co.uk.