According to Nick Percoco, a group of security specialists identified a critical error that, under certain circumstances, allowed an attacker to receive a deposit and withdraw funds without completing the transaction completely. In case of errors, white hackers can claim a reward under the Kraken Bug Bounty loyalty program from 1 BTC or more, depending on the severity of the vulnerability identified.
However, in this case, white hackers took advantage of the error to withdraw digital assets to their accounts. When the Kraken team requested a full report on the activities and demanded the return of the withdrawn assets, the self-proclaimed cryptosecurity researchers refused, demanding large compensation in the amount of damage that the error could have caused.
"They have not agreed to return any funds until we provide the desired compensation in dollars. This is not white hacking, this is extortion! We will not disclose information about this research group because it does not deserve recognition. We consider this incident as a criminal offense and have contacted law enforcement agencies," Nick Percoco wrote on the social network.
The top manager clarifies that the cryptocurrency was stolen directly from the accounts of the Kraken exchange, and user funds were not affected.
Earlier, the developers of the Super Sushi Samurai game working on the blockchain Blast reported the hacking and withdrawal of assets worth about $ 4.6 million. According to preliminary data, an anonymous white hacker withdrew funds to his account, allegedly for the sake of protecting user assets.