Last week, Several traders claimed that their crypto worth $22 million got stolen due to compromised API keys from 3Commas, a trading platform. Yesterday, 3Commas co-founder Yuriy Sorokin admitted that the firm was the source of that API leak.
Sorokin’s announcement came after an undisclosed Twitter user accessed over 90,000 API keys of 3Commas users and released them online. Initially, the trading platform had insisted that were no security concerns on its side and suggested on its Twitter handle that a phishing attack led users to give up their data.
3Commas allows users to link several crypto exchange accounts to automated trading software through application programming interfaces (APIs). These APIs facilitate communication between different software components and enable them to perform tasks. For the 3Commas case, users can trade instantly and automatically via a code.
3Commas Accused of not Taking Responsibility for the API Leak
APIs are considered game-changers until the wrong people obtain them. In a recent incident, a Blockchain analyst and Twitter user (@ZachXBT) tweeted that he had verified over 44 victims who lost a collective of $15 million through API keys hijacked from 3Commas.
Sorokin responded to the tweet by saying that not all keys got leaked from 3Commas, as they are several browser extensions and malware out here. Furthermore, he questioned how ZachXBT verified the information, alleging that most users claiming to have lost funds did not even bother opening a support ticket with the trading platform or going to the police.
Another Twitter user (@CoinMamba) accused 3Commas of blaming users instead of taking responsibility and ensuring no more exploits. It is not the first time the trading platform has been scrutinized for its API handling. Before FTX collapsed, its then-CEO Sam Bankman-Fried pledged to refund $5 million to customers affected by a phishing attack involving 3Commas.
3Commas API Keys Set to be Revoked by Exchanges
Yesterday, Changpeng Zhao, the Binance CEO, tweeted that he was certain there were extensive API key leaks from 3Commas. In addition, Zhao urged users to disable their API keys in the trading platform. A few hours later, 3Commas recommended a similar action, asking all supported exchanges to revoke keys connected to the platform.
HeraldSheets.com produces top quality content for crypto companies. We provide brand exposure for hundreds of companies. All of our clients appreciate our services. If you have any questions you may contact us. Cryptocurrencies and Digital tokens are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by our authors and the views expressed in them do not reflect the views of this website. Herald Sheets is not responsible for the content, accuracy, quality, advertising, products or any other content posted on the site. Read full terms and conditions / disclaimer.