Coinbase discloses it has paid $250K as bounty for bug exploited by White Hat hacker blog.coinbase.com/retrospective-recent-coinbase-bug-bounty-award-9f127e04f060
25 sats \ 4 comments \ @cryptocoin 19 Feb 2022 bitcoin
write
preview
related posts
0 sats \ 3 replies \ @cryptocoin OP 19 Feb 2022
This blog post provides a deeper look into the timeline of events surrounding the bug report, as well as an explanation of the bug itself and the steps we took to resolve it and ensure it cannot happen again.
The underlying cause of the bug was a missing logic validation check in a Retail Brokerage API endpoint, which allowed a user to submit trades to a specific order book using a mismatched source account.
Thanks to the researcher who responsibly disclosed this issue, Coinbase was able to fix this bug in a matter of hours, and conclusively determine that it has never been maliciously exploited.
Coinbase strongly supports independent security research, and when those researchers uncover serious issues, we want to ensure that they are rewarded accordingly. As a result, we are paying our largest-ever bug bounty for this finding: $250,000.
reply
0 sats \ 2 replies \ @cryptocoin OP 19 Feb 2022
Coinbase has awarded a $250k bug bounty for the vulnerability.
Their official disclosure: https://blog.coinbase.com/retrospective-recent-coinbase-bug-bounty-award-9f127e04f060
Full thread from my perspective later today.
-While I have made enough to retire myself and half a dozen generations after, if you feel in a generous spirit AND do not need it for yourself, you can donate ETH or mainstream ERC20-s to TreeOfAlpha.eth which will be forwarded to a charity of my choice.
reply
0 sats \ 1 reply \ @cryptocoin OP 19 Feb 2022
Coinbase's "largest-ever bug bounty"
How a flaw in the new Advanced Trading feature would have allowed a malicious user to sell BTC or any other coin without owning them, and how Coinbase's reaction speed on a Super Bowl Friday averted a possible crisis.
Bounty: $250,000
https://i.imgur.com/hsdYHd9.png
Twitter thread, unrolled:
Thread by @Tree_of_Alpha on Thread Reader App https://threadreaderapp.com/thread/1495014902582362112.html
reply
0 sats \ 0 replies \ @cryptocoin OP 19 Feb 2022
Delete Coinbase Account in Three Easy Steps | Cory Klippsten #11966 https://www.swanbitcoin.com/delete-coinbase-account-in-three-easy-steps
reply