2 Minutes Read
Updated:
Meet KuCoin
KuCoin is the 5th largest crypto exchange by trade volume. It comes with many cool features:
- Earning with a trading bot, a professional specialist, by lending crypto, or cloud mining
- Spot, futures, & margin trading
- Participating in a mining pool
- Token launch platform
- NFT trading
Check Out The Rewards
If you find a vulnerability according to the bounty rules, KuCoin will reward you:
- Critical: $3,000 – $5,000
- High: $900 – $2,000
- Medium: $300 – $500
- Low: $50 – $150
Join The Bounty Hunt
There are 3 targets to scope to look for the bugs:
- 1 Website
- 1 Android app
- 1 iOS app
Make sure your reports discover these incidents:
For a website:
- Business logic issues that can cause a loss of user funds/assets
- Payments manipulation
- Remote code execution (RCE)
- Leakage of sensitive information
- Owasp Top issues such as XSS, CSRF,SQLi,SSRF,IDOR
- Other vulnerability with a clear potential loss
For mobile apps:
- Mobile issues that can view any external website through unsafe deeplink method without any limit.
- Mobile issues that can use Jsbridge/javascritptinterface attack users.
- Other vulnerability with a clear potential loss
To increase your chances of finding a critical bug, read KuCoin documentation.
Once you’re ready, click here to join the bounty hunt!
