  • 🛡️ Critical Flaw in Kraken’s Stellar XLM Integration—$3 Million Withdrawn Pre-Fix


    Snapshot

    • What happened: A serious vulnerability in Kraken’s Stellar (XLM) support allowed users to withdraw funds unexpectedly.

    • Impact: Approximately $3 million of XLM exited the exchange before Kraken implemented a repair.

    • Who is affected: Primarily XLM users on Kraken—especially those with vaults linked to the flawed integration.



    Full Story

    Earlier this month, Kraken discovered a significant bug in its Stellar XLM wallet implementation. This glitch permitted some users to extract more tokens than they deposited, effectively enabling unauthorized withdrawals.


    Estimated losses reached around $3 million worth of XLM before Kraken identified the issue and applied the fix. The exchange has yet to reveal how many accounts were involved or whether insiders partook in the exploitation.



    Attack Timeline & Kraken’s Response

    1. Bug detected: Stellar wallet logic within Kraken failed to validate certain transaction parameters.

    2. Unauthorized withdrawals executed over a brief window.

    3. Kraken patches vulnerability after internal alerts or external reports triggered investigation.

    4. Partial reimbursements? Kraken signalled that affected wallets might be compensated, but official confirmation is pending.



    Root Cause & Technical Note

    Stellar operates with distinct transaction structures and multi-signature rules. The flaw seems to have arisen from incomplete checks around memo fields, sequence numbers, or multi-sig thresholds, allowing malformed or repeated messages to be processed incorrectly. This follows earlier Stellar incidents (e.g., Trust Wallet discovered a related bug).
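
A deposit-crediting path that rejects the malformed and repeated messages described above, as an added example (not Kraken's code and not a reconstruction of its bug). It also adds general destination, asset and amount checks; the record fields, the `HOT_WALLET` name and the memo table are constructed for the example.

```python
import re
from decimal import Decimal, InvalidOperation

HOT_WALLET = "GEXAMPLEHOTWALLET"  # constructed placeholder, not a real account

class DepositLedger:
    """Credits each incoming payment operation at most once (assumed design)."""

    def __init__(self, memo_to_user):
        self.memo_to_user = memo_to_user  # memo id -> internal user id
        self.balances = {}                # user id -> Decimal balance
        self.seen = set()                 # (tx_hash, op_index) already credited

    def credit(self, p):
        """Validate a simplified payment record; return (accepted, reason)."""
        key = (p.get("tx_hash"), p.get("op_index"))  # one tx can hold many ops
        if None in key:
            return False, "missing transaction identity"
        if key in self.seen:
            return False, "replayed payment"
        if p.get("successful") is not True:
            return False, "transaction not successful"
        if p.get("to") != HOT_WALLET or p.get("asset_type") != "native":
            return False, "wrong destination or asset"
        memo = p.get("memo")
        if p.get("memo_type") != "id" or not isinstance(memo, str) \
                or not re.fullmatch(r"[0-9]{1,20}", memo):
            return False, "malformed memo"
        user = self.memo_to_user.get(int(memo))
        if user is None:
            return False, "unknown memo"
        try:
            amount = Decimal(p.get("amount"))
        except (InvalidOperation, TypeError, ValueError):
            return False, "malformed amount"
        if not amount.is_finite() or amount <= 0:
            return False, "non-positive amount"
        self.seen.add(key)  # mark as processed so a repeat is rejected
        self.balances[user] = self.balances.get(user, Decimal(0)) + amount
        return True, "credited"

def demo():
    """Run constructed sample payments through the ledger."""
    ledger = DepositLedger({1001: "alice"})
    ok = {"tx_hash": "aa11", "op_index": 0, "successful": True, "to": HOT_WALLET,
          "asset_type": "native", "memo_type": "id", "memo": "1001", "amount": "25.5"}
    samples = [ok, dict(ok), dict(ok, tx_hash="bb22", memo="10x1"),
               dict(ok, tx_hash="cc33", amount="-5"), dict(ok, op_index=1)]
    return [ledger.credit(s)[1] for s in samples], ledger.balances
```

In a real service the `seen` set and the balance update would be committed in one database transaction, so a crash between the two cannot cause a double credit.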



    Wider Implications

    • Stellar ecosystem risk: XLM’s technology, while efficient, has shown vulnerabilities before, as highlighted by chain mishandling and the Stellar Foundation’s past inflation bug.

    • Exchange due diligence: Even well-established platforms like Kraken can suffer from complex cross-chain logic errors.

    • User caution urged: Always use small test transfers when working with new or upgraded wallet infrastructure.



    What Kraken Has Done

    • Patch deployed within 48 hours of detection.

    • Internal audit underway to understand exploit origin.

    • Affected users contacted via email.

    • Reviewing compensation plans, though no official numbers on reimbursement yet.



    Expert Sentiment


    They emphasized the need for rigorous cross-chain auditing, especially when integrating assets like XLM whose structure differs subtly from ERC‑20 or UTXO models.



    Actions for Kraken Users

    • Do not send bulk funds to Stellar wallets until Kraken confirms full security.

    • Enable multi-factor authentication and maintain minimal on‑exchange balances.

    • If you suspect your account was affected, contact support immediately for investigation.



    Bigger Picture

    This XLM incident is part of a growing trend:

    • Earlier this year, North Korean-backed hackers drained billions from major platforms.

    • State actor-linked breaches are rising.

    • The continuing shift towards bug bounty programs (like Trust Wallet’s recent patch) signals industry-wide recognition of mounting security risks.



    Conclusion

    The $3 million XLM leak underscores:

    • How subtle transaction logic errors can lead to major financial damage.

    • That no exchange is immune, regardless of its reputation.

    • The importance of layered security—for users and platforms alike.


    Users should proceed cautiously, while exchanges must tighten auditing and validation processes around cross-network token support.

