Kraken removes isolated errors and says that no user money has been stolen

• octopus says it has fixed a mistake that would have made it possible to attack accounting stands
• The error was discovered by a security researcher, the connected accounts of which, according to use of this weak point, reported on $ 3 million from the octopus treasury.

octopus announced that his security team has fixed a mistake that would have made it possible for certain users to possibly open their accounting stands on the stock exchange.

The announcement follows the unveiling of octopuses that a security researcher discovered the vulnerability as part of the BUG bounty program of the stock exchange.

"On June 9, 2024, we received a warning of a security researcher as part of the bug bounty program. At first no details were announced, but in their email they claimed to have found an" extremely critical "mistake that enabled them to artificially open their credit on our platform," said Nick Percoco, Chief Security Officer from Kraken.

3 million dollars stolen, no user money

Specifically, the error would have made certain users possible, if only for a short time "to increase the value of their octopus stand artificially without completely completing a deposit", said the stock exchange in a blog entry .

Kraken has now remedied this error in its deposit and financing system and pointed out that it had no effect on customer funds.

Although the stock exchange has fixed the isolated error, the report, after two users had already exploited the vulnerability, came from $ 3 million from their accounts. According to reports, these accounts are connected to the same security researcher who identified the error and informed octopuses.

supposedly informed the person not mentioned by name scratched the error after the payment of $ 3 million.

According to Percoco, the security researcher has requested the payment of his bounty bonus despite the enormous withdrawal amount.

"We will not reveal this research company because it does not deserve recognition for his deeds. We treat this as a criminal case and coordinate accordingly with the law enforcement authorities. We are grateful that this incident was reported, but this thought ended," added Percoco.