Recently, a white hat hacker known by the pseudonym Tree of Alpha came across major vulnerabilities in the US crypto exchange platform Coinbase. Instead of exploiting the vulnerabilities himself, the well-intentioned hacker contacted Coinbase CEO Brian Armstrong to prevent exploitation. By exploiting the vulnerability, bad actors could easily have manipulated Coinbase’s order books with fake prices and earned a great payout. Thanks to Tree of Alpha, Coinbase fixed the vulnerability in no time, and CEO Brian Armstrong thanked the hacker publicly.
Anyone here can get me a direct line with someone at @coinbase, preferably management or dev team, possibly @brian_armstrong himself?
I'm submitting a hacker1 report but I'm afraid this can't wait. Can't say more either, this is potentially market-nuking.
— Tree of Alpha (@Tree_of_Alpha) February 11, 2022
A few hours after Tree of Alpha’s warning, Coinbase temporarily shut down all trading on its platform under the guise of “technical problems”. After the issue was resolved, the hacker himself confirmed it in a tweet and congratulated the Coinbase team. According to him, the vulnerabilities could have caused a great disaster not only for Coinbase, but also for the entire crypto industry. Coinbase can count itself lucky that it took swift action on the hacker’s warnings and avoided a major catastrophe.
Advanced Trading is resumed, and I have verified that the exploit has been patched as recommended.
Full thread on the vuln and how Coinbase's swift response avoided some serious company & market damage as soon as I'm allowed (hopefully next week).
Good weekend to all.
— Tree of Alpha (@Tree_of_Alpha) February 12, 2022
While they are not frequent, these types of interactions do occur in the crypto space. Like Tree of Alpha, many white hat hackers have helped crypto-based companies like Coinbase avoid major losses. For example, last year a hacker took more than $600 million of crypto assets from the Poly Network, but returned it after a week, claiming it was just to teach them a lesson. Similarly, in August 2021, Paradigm’s security researcher (known as samczsun on Twitter) fixed a $350 million flaw in the SushiSwap DEX platform.
Over the years, white hat hackers have played an important role in keeping the crypto space clean, open and trustworthy. With the growing popularity of such ethical hackers, major crypto firms like Kraken, EOS, Ethereum Foundation and Binance have started offering bug bounties on their platforms. At Bitcompare, we strive to provide you with honest and detailed reviews of major DeFi and CeFi platforms. Make sure you check them out to make the most of your crypto investments.