Crypto security experts at CertiK admitted that they were the same white hat hackers who found a vulnerability in the American exchange Kraken and were accused of stealing $3 million worth of crypto assets.
On Wednesday, June 19, Kraken security director Nick Percoco reported that a group of undisclosed anonymous white hat hackers illegally took possession of approximately $3 million worth of digital assets. According to Nick Percoco, attempts by the Kraken administration convincing the “white hats” to return assets encountered resistance: people simply wanted to enrich themselves at the expense of others. Those who discovered the error stated that they would not return the withdrawn funds.
Although the statement from the Kraken crypto exchange and Nick Percoco did not directly say whose experts were behind the exploit, it did not go unanswered by the company conducting the crypto examination. It turned out to be the company CertiK.
CertiK’s response message said : instead of answering the crypto community’s question about why the Kraken security system was unable to detect so many test transactions, the exchange administration “publicly accused us of theft and directly threatened our employees, which is completely unacceptable.”
“According to our testing, Kraken’s defense in depth system was compromised on multiple fronts, and the exchange could have lost millions of dollars. After discovering the vulnerability, we informed Kraken and the exchange’s security service classified the issue as critical. This is the most severe level of threat classification in Kraken. However, the exchange team responded and blocked the test accounts only a few days after we officially reported the incident. Note: Kraken demanded the return of an inaccurate amount of cryptocurrency and did not provide us with the necessary redemption addresses,” CertiK representatives said.
The company is ready to return the funds back to the American exchange, but does not understand the disagreement of the Kraken team to publicly inform the crypto community about the extent of the damage that the vulnerability could cause.
“Since Kraken has not provided redemption addresses, we are transferring funds based on our records to an account that Kraken can access,” CertiK said in a statement.
Earlier, CertiK reported that the top 3 security ratings for cryptocurrency wallets included Metamask, OKX Web3 Wallet and Bitget Wallet.
