Coinbase and Cardano Call on Hackers to Plug Security Gaps

Cybercrime surged in 2021 and hackers and other cyber criminals are looking for another bumper year this year. As cyber criminals become more sophisticated, crypto platforms need to be even smarter to protect investors and users from hacks and other types of criminal activity.

Ransomware, Hacks, and other Illicit Activity Hurt Digital Asset Value

Late last week, we reported on prelim ransomware numbers for 2021 and likely finalized numbers. Based on prelim figures and upward revisions to 2020 numbers, ransomware alone could hit more than $1bn in 2021. There was also news of North Korea funding its missile program with stolen crypto.

With the likes of North Korea actively hitting the crypto market for source of funds, government scrutiny has also increased. In late January, the White House announced an imminent crypto executive order to task agencies with crypto oversight in the interest of national security.

As governments and regulators look to take a more active role in the crypto market, crypto platforms will also need to step up or face the wrath of regulators.

The issue doesn’t just lie with crypto exchanges, however, with the NFT marketplace and the Metaverse also considered as a medium for illegal activity. China, India, the UK, and a number of other governments have highlighted the need to clamp down on illicit activity.

Cardano and Coinbase Look Outside to Tighten Security

This week, the Cardano Foundation (ADA) announced a 6-week promotion running from 14^th February to 25^th March. The Foundation doubled its bounty amounts for the period. Hackers can earn up to $20,000 for identifying critical Cardano Node security vulnerabilities. The security community can also earn up to $15,000 for identifying critical Cardano-Wallet security vulnerabilities.

Coinbase was also in the news this week, with a lone hacker reportedly assisting Coinbase with a security flaw. A hacker going by the name Tree of Alpha tweeted over the weekend of a “potentially market-nuking” security flaw. Tree of Alpha tweeted a submission of a hacker1 report but also the pressing need for direct contact with the Coinbase team.

Anyone here can get me a direct line with someone at @coinbase , preferably management or dev team, possibly @brian_armstrong himself?

I'm submitting a hacker1 report but I'm afraid this can't wait. Can't say more either, this is potentially market-nuking.

DMs open.

— Tree of Alpha (@Tree_of_Alpha) February 11, 2022

Hackerone is a platform started by hackers and security experts with the aim of making the internet a safer place. The platform partners with hackers to uncover security issues for customers before they are exploited by criminals. Users include Starbucks, Nintendo, PayPal, Spotify, Toyota, the European Commission, among others.

The collaboration and effectiveness of Hackerone was evident in the Coinbase fix. Brian Armstrong himself replied directly to Tree of Alpha to give thanks.