Last week, Binance users alleged that some unusual altcoin trades were happening on the platform. According to WuBlockchain, some of the affected altcoins include ARDR, BIFI, AMP, POLS, OM, NEXO, OSMO, SUN, XVS, ARK, and LOOM.
Per reports, users are concerned that the trades could signify a breach on Binance. Some users alleged that hackers might have stolen users’ API Keys to execute such trades.
Binance Denies Allegations About Compromised API Key
However, the crypto platform has refuted claims that a breach of API keys or hack is responsible. Binance tweeted, “these activities are not related to stolen API keys or compromised accounts; funds are SAFU.”
Changpeng Zhao, Binance CEO, also commented on the situation. According to him, investigations reveal that a particular account began the whole ordeal.
A user reportedly deposited funds and began buying altcoins. Then, other users also followed suit. Additionally, Zhao claimed that there were no connections between the accounts upon investigations.
Zhao noted that Binance has temporarily shut down withdrawals on accounts making profits from these contra trades. This news sparked outrage from the crypto community, who accused Binance of overstepping its boundaries.
However, Zhao replied, saying, “we are mindful of the notion of “too centralized” assaults and excessive platform interference. The level of our intervention should strike a balance. These occasionally occur in a market system, and we must allow them to take their course.”
In the meantime, 3Commas (a smart trading terminal and automated bots’ provider for crypto traders) added that it is collaborating with Binance to look into the occurrences and establish whether its platform has any relationship with the supposed API hack.
However, several users are still worried about the situation despite Binance’s response. They claim the unusual trading activity could still be related to users’ stolen API keys.
A Similar Situation Occurred On FTX
Earlier in October, some FTX users complained about contra-trading on their accounts. These users lost their assets following such trades. For example, one Twitter user reportedly lost assets worth over $1.6 million via a DMG tokens contra-trade.
Colin Wu, a Chinese-based crypto journalist who tweeted the announcement, also warned users to safeguard their API keys. According to Wu, there must have been a breach of 3Commas.
However, 3Commas, on its official blog, denied the allegations stating that users’ API keys were not hacked. Later on, the 3Commas team reported that the hackers created several phishing sites to conduct the attack.
According to 3Commas, these sites resembled its official website in interface and design. The hackers reportedly used the sites to capture users’ API keys.
After collecting several API keys, the hackers accessed these users’ accounts and placed trades. Therefore, the trading platform strongly suggested that customers generate new API keys. Furthermore, 3Commas told users to update their linked accounts.