An ethical hacker discovered a serious flaw in Coinbase’s API on February 11th, 2022 and got in touch with Coinbase’s management team. This flaw had to do with the company’s color-changing advertisement for a QR Code, the cost of which was $14 million. If the flaw had not been found and fixed, anyone could have sold BTC or any crypto without being an owner. The flaw had the potential to cause huge problems in the market.
Going by the handle Tree of Alpha, the hacker made a statement to Cointelegraph saying that this type of vulnerability in any program is very worrying. It could have been an oversight that both the development and QA testing teams missed this. This trading product was not available to the public as it was still in the testing phase. If it had been available, many people could have used it to do serious damage in the market.
Coinbase was happy that the hacker reached out and prevented serious damage from product misuse. The company avoided a serious crisis and decided on giving the hacker a bounty. The initial amount decided on was $250,000, which caused some comments on Twitter. Some users said that this was a bounty that would be paid in a bear market. The scale of the hack was huge and many Coinbase execs made that kind of money in a year.
Tree of Alpha who figured out the problem said that this amount was decent and not so low as to be insulting. This event showcased the importance of ethical hacking in this new field in the nascent crypto industry. The State Department of the US government said that it would offer rewards of $10 million or so to white hackers for discovering such problems. Coinbase’s CEO thanked Tree of Life on Twitter and said he was awesome and his work was crucial.