CertiK Clears up Extortion Allegations as Kraken Recovers $3M

cryptonews.com:

Cryptocurrency exchange Kraken confirmed on June 20 the recovery of nearly $3 million in digital assets from blockchain security firm CertiK following extortion allegations that had overshadowed their white-hat hack.

Kraken’s Chief Security Officer Nick Percoco took to X to announce the return of the funds, minus the amount spent on transaction fees.

Update: We can now confirm the funds have been returned (minus a small amount lost to fees). https://t.co/cHkjPt3m2A

— Nick Percoco (@c7five) June 20, 2024

Kraken’s CSO first reported the $3 million in missing funds on June 19, stating that a “security researcher” had maliciously withdrawn them from the treasury after discovering and disclosing an existing bug.

Kraken alleged that the security researcher had extorted them , refusing to return the funds and demanding a reward along with a call with the exchange’s business development team.

Shortly after Kraken’s post about the missing funds, blockchain security firm CertiK publicly identified itself as the “security researcher” that Kraken claimed stole $3 million of digital assets.

This came in an effort to challenge the allegations and dispel any notions of malicious intent .

In a June 19 X post , CertiK said it had informed Kraken of an exploit that allowed it to remove millions of dollars from the exchange’s accounts. CertiK also claimed to have been threatened by the exchange’s team.

“After initial successful conversions on identifying and fixing the vulnerability, Kraken’s security operation team has THREATENED individual CertiK employees to repay a MISMATCHED amount of crypto in an UNREASONABLE time even WITHOUT providing repayment addresses,” CertiK stated.

To clarify their side of the story, CertiK also released