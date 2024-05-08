KuCoin, a leading global cryptocurrency exchange, is excited to announce its collaboration with Bugcrowd, the #1 crowdsourced cybersecurity platform, to launch an extensive bug bounty program.

This initiative is aimed at fortifying KuCoin’s platform by identifying and addressing potential security vulnerabilities.

KuCoin’s Focus on Identifying Key Vulnerabilities

Web Module Vulnerabilities:

Problems with business logic leading to potential loss of user assets.

Payment manipulation risks.

Remote Code Execution (RCE).

Leakage of sensitive information.

Critical OWASP issues such as Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, Server-Side Request Forgery (SSRF), Insecure Direct Object References (IDOR), and others.

Any other vulnerabilities that could result in substantial loss.

Mobile Module Vulnerabilities:

Functions that can access unsafe external links.

Vulnerabilities in Jsbridge/Javascriptinterface that could be exploited to harm users.

Other mobile-related vulnerabilities that may lead to potential loss.

To incentivize and reward the efforts of security researchers, KuCoin and Bugcrowd have structured the bug bounty rewards into five distinct tiers, based on the severity of the identified vulnerabilities:

Extreme Severity: Reward of 10,000 USD

Critical Severity: Rewards range from 3,000 to 5,000 USD

High Severity: Rewards range from 1,000 to 2,000 USD

Medium Severity: Rewards range from 200 to 400 USD

Low Severity: Rewards range from 50 to 100 USD

“As People’s Exchange, the security of users’ assets is always our top priority. Ensuring the safety of user assets and transactions is an ongoing endeavor we are committed to. Utilizing a community of researchers is vital for advancing our security to a higher level. Bugcrowd’s expertise in identifying obscure issues is essential and we will create a more secure trading environment together.” Johnny Lyu, CEO of KuCoin stated.

KuCoin and Bugcrowd are united in their commitment to provide a safer trading environment for all users. Through this partnership and the launch of the bug bounty program, both parties are taking a significant step forward in enhancing the security of the cryptocurrency trading ecosystem.

The joint effort underlines their dedication to maintaining the highest security standards ​​to protect users against emerging cyber threats.

“As we witness the rapid growth of the cryptocurrency market, trust and security become paramount,” said Dave Gerry, CEO of Bugcrowd. “We’re excited to partner with KuCoin to launch their Bug Bounty Program to achieve a safer trading environment for all users. By harnessing the power of the global hacker community, we aim to help strengthen KuCoin’s defenses and protect its users from emerging threats.”

For more information on the bug bounty program and how to participate, please visit KuCoin’s Official Announcement.