Victoria, Seychelles – KuCoin, a leading global cryptocurrency exchange, is excited to announce its collaboration with Bugcrowd, the #1 crowdsourced cybersecurity platform, to launch an extensive bug bounty program. This initiative is aimed at fortifying KuCoin’s platform by identifying and addressing potential security vulnerabilities.
KuCoin’s Focus on Identifying Key Vulnerabilities
Web Module Vulnerabilities:
- Problems with business logic leading to potential loss of user assets.
- Payment manipulation risks.
- Remote Code Execution (RCE).
- Leakage of sensitive information.
- Critical OWASP issues such as Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, Server-Side Request Forgery (SSRF), Insecure Direct Object References (IDOR), and others.
- Any other vulnerabilities that could result in substantial loss.
Mobile Module Vulnerabilities:
- Functions that can access unsafe external links.
- Vulnerabilities in Jsbridge/Javascriptinterface that could be exploited to harm users.
- Other mobile-related vulnerabilities that may lead to potential loss.
To incentivize and reward the efforts of security researchers, KuCoin and Bugcrowd have structured the bug bounty rewards into five distinct tiers, based on the severity of the identified vulnerabilities:
- Extreme Severity: Reward of 10,000 USD
- Critical Severity: Rewards range from 3,000 to 5,000 USD
- High Severity: Rewards range from 1,000 to 2,000 USD
- Medium Severity: Rewards range from 200 to 400 USD
- Low Severity: Rewards range from 50 to 100 USD
“As People’s Exchange, the security of users’ assets is always our top priority. Ensuring the safety of user assets and transactions is an ongoing endeavor we are committed to. Utilizing a community of researchers is vital for advancing our security to a higher level. Bugcrowd’s expertise in identifying obscure issues is essential and we will create a more secure trading environment together.” Johnny Lyu, CEO of KuCoin stated.
KuCoin and Bugcrowd are united in their commitment to provide a safer trading environment for all users. Through this partnership and the launch of the bug bounty program, both parties are taking a significant step forward in enhancing the security of the cryptocurrency trading ecosystem. The joint effort underlines their dedication to maintaining the highest security standards to protect users against emerging cyber threats.
“As we witness the rapid growth of the cryptocurrency market, trust and security become paramount,” said Dave Gerry, CEO of Bugcrowd. “We’re excited to partner with KuCoin to launch their Bug Bounty Program to achieve a safer trading environment for all users. By harnessing the power of the global hacker community, we aim to help strengthen KuCoin’s defenses and protect its users from emerging threats.”
For more information on the bug bounty program and how to participate, please visit KuCoin’s Official Announcement.
About KuCoin
Launched in September 2017, KuCoin is a leading global cryptocurrency exchange with its operational headquarters in Seychelles. As a user-oriented platform with a focus on inclusiveness and community action reach, it offers over 900 digital assets and currently provides Spot trading, Margin trading, P2P Fiat trading, Futures trading, Staking, and Lending to its 31 million users in more than 200 countries and regions. KuCoin is currently one of the top 5 crypto exchanges. In 2023, KuCoin was named one of the Best Crypto Exchanges by Forbes and recognized as a highly commended global exchange in Finder’s 2023 Global Cryptocurrency Trading Platform Awards. Learn more at https://www.kucoin.com. For media inquiries, please contact [email protected].
