Kraken recovers $3 million from Certik following bounty fiasco

Nick Percoco, Kraken’s chief security officer, confirmed that the crypto exchange recovered recently stolen funds from his account after a bug was exploited.

On June 20, Percoco shared on X that the exchange had managed to recover these funds. Although the Kraken CSO did not specify where the funds came from, previous statements revealed that the security research firm involved in the debacle was Certik.

Kraken accused the security research firm of being behind the accounts stealing funds from the exchange’s treasury after discovering a bug.

What happened?

Certik posted a statement on X on June 19 stating that its staff were the same people who contacted Kraken about a critical bug discovered in the exchange’s accounting system.

Specifically, Certik said the vulnerability would allow exploiters to mint millions of digital assets from Kraken.

Interestingly, employees of the research firm had withdrawn $3 million from Kraken by exploiting the same vulnerability. They then demanded that the exchange pay out the bug bounty.

According to Kraken and Certik’s post, the employees in question did not return the money when asked.

“Following initial successful conversions to identify and remediate the vulnerability, Kraken’s security operations team threatened individual CertiK employees with refunding incompatible amounts of cryptocurrency in an unreasonable amount of time, even without providing refund addresses,” the platform said.

Kraken described this as extortion rather than honest actions by white hat hackers.

Certik offered to return the money

Certik then announced on X that it would move the funds in question to a wallet accessible to Kraken.

The statement said:

“Since Kraken did not provide a refund address and the amount requested did not match, we are transferring the funds to an account accessible to Kraken, according to our records.”

On Thursday, Kraken confirmed it had recovered the funds, with a small amount lost due to fees. In an earlier report, Kraken told customers that no user funds were lost during the bug debacle.
