Nick Percoco, Kraken’s chief security officer, said in a post on social media platform X (formerly Twitter) that the firm received a “bug bounty program” alert from a security researcher on June 9 about a vulnerability that allows users to artificially inflate their balance. The bug “allowed a malicious attacker, under the right circumstances, to initiate a deposit onto our platform and receive funds in their account without fully completing the deposit,” Percoco added.