KuCoin launching $1m bug bounty initiative with Hacken

KuCoin just launched a $1 million bug bounty program with Hacken, in a bid to effectively identify and eliminate vulnerabilities on the exchange’s platform.

KuCoin waging war against heists

The Seychelles-based crypto exchange is set to launch one of the largest bugs bounty programs of any crypto exchange after it was reported that the exchange has partnered with Hacken, a web3 cybersecurity firm, to offer a $1 million bug bounty program on the Hackenproof platform.

According to the announcement, a new security landing page will also be introduced on KuCoin’s homepage, offering users a suite of resources to improve the security of their accounts on the exchange.

The partnership is in line with the exchange’s mission to improve the security of its platform and “work to resolve any vulnerabilities discovered by the researchers and ensure that KuCoin is secure and meets the highest standards for safety.”

The bounty program is open to developers who can help identify and propose solutions to any susceptibilities in KuCoin’s network and entries will be reviewed by Hacken’s bug bounty and vulnerability coordination platform, Hackenproof.

You might also like: Peter Schiff says BTC worthless, going to zero

Based on the nature of the vulnerability, rewards will vary from $50 to $1,000,000 per bug. The bugs are categorized as follows: Critical: $50,000 – $1,000,000; High: $2,000 – $49,000; Medium: $500 – $1,999 and Low: $50 – $499.

Security breaches in web3 aren’t slowing down

Hacks and security breaches have long been a serious challenge in the crypto sector, especially since the decentralized finance (DeFi) boom began a few years ago.

There have been numerous reports about institutions and individuals suffering from these hacks which usually occur as exchange hacks, wallet hacks, or phishing attacks. 

2022 was by a margin the biggest year for bad actors in crypto. According to Chainalysis, more than $3.8 billion was stolen from close to 200 services and protocols in the space last year.

October 2022 accounted for the biggest number with $775.7 million lost during that month alone.

The biggest hack in 2022 was suffered by an Ethereum sidechain of Axie Infinity called Ronin where the hackers stole $625 million in USDC and ETH.

The rate of hacks has not slowed down in 2023 either, according to reports, about $120 million has been stolen from nineteen exchanges, protocols, and individuals so far this year.

2023’s biggest exploit occurred in Febuary when Bonq DAO lost $120 million to hackers in an attack where the hackers targeted the protocol’s smart contract to siphon AllianceBlock tokens from the platform.

Despite DeFi and web3’s exponential growth, security breaches remain a problem mainly due to vulnerabilities in the smart contracts of these protocols.

Due to the nature of smart contracts often being complex and open to interpretation, hackers can easily exploit loopholes by fishing out errors in the code and taking advantage of these bugs, usually leading to loss of customer funds in the platform.

DeFi protocols have subsequently sought to arrest this problem through periodic smart contract audits and bug bounty programs similar to the latest KuCoin and Hacken initiative. 

Governments are proposing measures to ensure the protection of customers on these platforms.

In March 2023, European Union lawmakers approved a bill called the Data Act which makes express provision for data sharing via smart contracts in a bid to “unlock” the untapped potential of industrial data in the region.

This new legislation provides security for protocols’ smart contracts in the sense that it provides a ‘kill switch’ to terminate the continued execution of transactions in the event of a hack. It also makes a provision for the reset of a smart contract within a set of clearly defined conditions.

Read more: Chinese banks going all in on crypto amid US financial crisis


Follow Us on Google News

Share with your friends!

Products You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *