Navigating Ethical Hacking in Cybersecurity: Lessons from CertiK's Dispute with Kraken

Jun 29, 2024

 Navigating Ethical Hacking in Cybersecurity: Lessons from CertiK's Dispute with Kraken
 Navigating Ethical Hacking in Cybersecurity: Lessons from CertiK's Dispute with Kraken
 Navigating Ethical Hacking in Cybersecurity: Lessons from CertiK's Dispute with Kraken

White hat hacking, also known as ethical hacking, plays a critical role in cybersecurity across various sectors, including blockchain, cloud computing, artificial intelligence, and operating systems. Companies like CertiK, Trail of Bits, and Open Zeppelin have established themselves as trusted auditors, identifying and resolving vulnerabilities to enhance security. However, controversies can arise, as seen in CertiK's recent dispute with Kraken. After discovering a critical vulnerability in Kraken's balance calculation and deposit mechanism, CertiK conducted unsolicited penetration testing, exploiting the flaw multiple times before reporting it. While the issue was swiftly resolved by Kraken's security team, the incident highlighted the delicate balance between ethical disclosure and responsible handling of vulnerabilities in cybersecurity.