- KuCoin partners with Bugcrowd to launch a bug bounty program to enhance security across its trading platform.
- The program targets critical vulnerabilities in web and mobile modules, with rewards of up to $10,000 for extreme issues.
- High-severity findings receive rewards up to $2,000, while medium-severity discoveries are rewarded up to $400.
The prominent global crypto exchange KuCoin has partnered with Bugcrowd, the leading crowdsourced cybersecurity platform, to enhance platform security. KuCoin announced this new security-focused collaboration in a recent press statement seen by Coin Edition.
The collaboration marks the launch of an extensive bug bounty program designed to identify and rectify potential vulnerabilities across KuCoin’s platform. The program focuses on pinpointing critical vulnerabilities in web and mobile modules.
Regarding the web modules, issues such as business logic flaws, payment manipulation risks, remote code execution, and sensitive information leakage are among the targeted vulnerabilities. Additionally, the program addresses a spectrum of OWASP issues, such as Cross-Site Scripting (XSS), SQL Injection, and others.
However, on the mobile front, the focus shifts to vulnerability functions capable of accessing unsafe external links. It includes potential exploitations of the “Jsbridge/Javascript interface” that could harm users and other mobile-related susceptibilities that could result in potential losses.
KuCoin and Bugcrowd have established a tiered reward system based on the severity of identified vulnerabilities to incentivize security researchers and reward their efforts. The rewards range from $10,000 for extreme severity to $50 for low severity issues.
Specifically, detected extreme severity issues are rewarded with $10,000, and critical severity vulnerabilities range from $3,000 to $5,000. Moreover, high-severity findings receive rewards ranging from $1,000 to $2,000, while medium-severity discoveries are rewarded between $200 and $400. Low-severity issues merit rewards varying from $50 to $100.
Johnny Lyu, CEO of KuCoin, emphasized the exchange’s commitment to prioritizing the security of user assets and transactions. Lyu remarked:
As People’s Exchange, the security of users’ assets is always our top priority. Ensuring the safety of user assets and transactions is an ongoing endeavor to which we are committed.
Bugcrowd CEO Dave Gerry echoed Lyu’s sentiments, highlighting the importance of trust and security in the cryptocurrency market. “We’re excited to partner with KuCoin to launch their Bug Bounty Program to achieve a safer trading environment for all users,” Gerry remarked.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.