HackenProof Blog / For Hackers / [New Bug Bounty] KuCoin Has Launched Bug Bounty With Up to $5,000 Reward Per Critical Vulnerability

[New Bug Bounty] KuCoin Has Launched Bug Bounty With Up to $5,000 Reward Per Critical Vulnerability

Meet KuCoin

KuCoin is the 5th largest crypto exchange by trade volume. It comes with many cool features:

  • Earning with a trading bot, a professional specialist, by lending crypto, or cloud mining
  • Spot, futures, & margin trading
  • Participating in a mining pool
  • Token launch platform
  • NFT trading

Check Out The Rewards

If you find a vulnerability according to the bounty rules, KuCoin will reward you:

  • Critical: $3,000 – $5,000
  • High: $900 – $2,000
  • Medium: $300 – $500
  • Low: $50 – $150

Join The Bounty Hunt

There are 3 targets to scope to look for the bugs:

  • 1 Website
  • 1 Android app
  • 1 iOS app

Make sure your reports discover these incidents:

For a website:

  • Business logic issues that can cause a loss of user funds/assets
  • Payments manipulation
  • Remote code execution (RCE)
  • Leakage of sensitive information
  • Owasp Top issues such as XSS, CSRF,SQLi,SSRF,IDOR
  • Other vulnerability with a clear potential loss

For mobile apps:

  • Mobile issues that can view any external website through unsafe deeplink method without any limit.
  • Mobile issues that can use Jsbridge/javascritptinterface attack users.
  • Other vulnerability with a clear potential loss

To increase your chances of finding a critical bug, read KuCoin documentation.

Once you’re ready, click here to join the bounty hunt!