Navigating Ethical Hacking in Cybersecurity: Lessons from CertiK's Dispute with Kraken
Jun 29, 2024
White hat hacking, also known as ethical hacking, plays a critical role in cybersecurity across various sectors, including blockchain, cloud computing, artificial intelligence, and operating systems. Companies like CertiK, Trail of Bits, and Open Zeppelin have established themselves as trusted auditors, identifying and resolving vulnerabilities to enhance security. However, controversies can arise, as seen in CertiK's recent dispute with Kraken. After discovering a critical vulnerability in Kraken's balance calculation and deposit mechanism, CertiK conducted unsolicited penetration testing, exploiting the flaw multiple times before reporting it. While the issue was swiftly resolved by Kraken's security team, the incident highlighted the delicate balance between ethical disclosure and responsible handling of vulnerabilities in cybersecurity.
Previous
Next