- KuCoin, a leading global crypto exchange, has partnered with Bugcrowd to launch a bug bounty program aimed at enhancing platform security.
- The program targets critical vulnerabilities in web and mobile modules, offering rewards of up to $10,000 for extreme severity issues.
- “We are committed to prioritizing the security of user assets and transactions,” says Johnny Lyu, CEO of KuCoin.
KuCoin partners with Bugcrowd to launch a bug bounty program, offering up to $10,000 for extreme severity issues, to enhance platform security.
KuCoin and Bugcrowd Collaborate to Boost Security
KuCoin, a prominent global crypto exchange, has announced a partnership with Bugcrowd, a leading crowdsourced cybersecurity platform. This collaboration aims to enhance the security of KuCoin’s trading platform through an extensive bug bounty program. The program is designed to identify and rectify potential vulnerabilities across KuCoin’s platform, focusing on critical issues in web and mobile modules.
Targeting Critical Vulnerabilities
The bug bounty program targets a range of vulnerabilities. For web modules, these include business logic flaws, payment manipulation risks, remote code execution, and sensitive information leakage. The program also addresses a spectrum of OWASP issues, such as Cross-Site Scripting (XSS), SQL Injection, and others. On the mobile front, the focus is on functions capable of accessing unsafe external links, including potential exploitations of the “Jsbridge/Javascript interface” and other mobile-related susceptibilities that could result in potential losses.
Reward System Based on Severity
KuCoin and Bugcrowd have established a tiered reward system to incentivize security researchers based on the severity of identified vulnerabilities. Extreme severity issues are rewarded with $10,000, while critical severity vulnerabilities range from $3,000 to $5,000. High-severity findings receive rewards ranging from $1,000 to $2,000, medium-severity discoveries are rewarded between $200 and $400, and low-severity issues merit rewards varying from $50 to $100.
Conclusion
This partnership between KuCoin and Bugcrowd demonstrates a proactive approach to platform security in the crypto industry. By incentivizing the identification and rectification of vulnerabilities, KuCoin is prioritizing the security of user assets and transactions. The bug bounty program is a significant step towards ensuring a safer trading environment for users, reflecting KuCoin’s commitment to maintaining a robust and secure platform.
