Kraken Alleges Extortion by Researchers After $3M Bug Exploit

Security researchers exploited a vulnerability to withdraw millions, refusing to return funds without a bounty.

Kraken patched a bug that allowed users to artificially inflate their balances and withdraw funds.
Three individuals exploited the bug, withdrawing nearly $3 million from Kraken's treasury.
Kraken's bug bounty program requires researchers to follow specific rules to receive payment.
The researchers demanded a bounty without returning the funds or providing full details of the bug.
Kraken is now working with law enforcement to recover the stolen assets.