ChainCatcher news, the cryptocurrency trading platform 3Commas stated that some customers reported unauthorized account transactions after resetting their account passwords. The investigation found that only a few customer accounts had their passwords reset and were suspected of unauthorized transactions, primarily affecting customers who had not enabled two-factor authentication (2FA). The accessed data did not include users' API key data and account passwords. In response, 3Commas strongly recommends that users enable two-factor authentication (2FA) and regularly change their passwords to provide additional security for their accounts.

ChainCatcher news, Bitget announced a strategic partnership with the crypto trading bot platform 3Commas.This collaboration will integrate 3Commas' automation tools into the Bitget ecosystem, aiming to optimize the trading experience for users and maximize the use of automation features for intelligent trading.Gracy Chen, General Manager of Bitget, stated: "We have always believed in the importance of smart trading, and this partnership with 3Commas will be a significant milestone."Yuriy Sorokin, CEO and co-founder of 3Commas, also shared his views on the collaboration, stating: "We provide valuable tools for all traders, offering fairness to users through automated trading, and our partnership with Bitget is an important step in building a complete ecosystem."

ChainCatcher news, the Federal Bureau of Investigation (FBI) is investigating the 3Commas data breach. A victim group of 3Commas, consisting of about 60 members, had previously contacted the U.S. Secret Service and other law enforcement agencies, with the group's leader stating that their total losses exceed $20 million.It is reported that 100,000 Binance and KuCoin API keys associated with 3Commas were leaked, and a 3Commas spokesperson confirmed this news, emphasizing that during the internal investigation, there was no evidence that 3Commas employees were involved in the attack on the API data. (source link)

ChainCatcher news, Binance CEO Changpeng Zhao warned users on Twitter that 3Commas API keys may have been widely leaked and advised users to stop using them. Subsequently, 3Commas CEO Yuriy Sorokin confirmed the API key leak on Twitter, stating that "we have requested Binance, Kucoin, and other supported exchanges to revoke all keys associated with 3Commas," and added that there is currently no evidence suggesting that the leak was caused by an insider, and an active investigation is underway. (source link)

ChainCatcher news, the founder and CEO of the trading bot platform 3Commas, Yuriy Sorokin, released an update on the investigation regarding API key and exchange attacks, after many users of Binance, OKX, FTX, and several other exchanges experienced unauthorized trades initiated through API keys. 3Commas stated that they collected a lot of information from affected users, which shows that each case is different; apart from the unauthorized trading activity, there are no common patterns or connections between the reported cases. A large number of high-net-worth individuals who extensively use 3Commas were not affected, indicating that there is no vulnerability in the 3Commas system. 3Commas indicated that the attacks were caused by "hacking" rather than phishing.It is reported that 3Commas strongly recommends that any users affected by this issue report to their local police department or cybercrime unit, to enable exchanges to freeze the accounts of the perpetrators, increasing the likelihood of partial or full fund recovery for the victims. The team is ready to cooperate with users, exchanges, and the Estonian police to assist in the ongoing investigation to capture the attackers. Next, 3Commas will continue to work with exchanges to provide more and safer exchange connection options, such as Fast Connect; disable old and inactive trading API connections that have been inactive for over 90 days; contact various exchanges to provide public API keys for disabled connections so that they can be removed on the exchange side to ensure user safety. Additionally, all users are advised to review their trading API keys.On December 11, Binance experienced another large-scale wash trading incident, with sudden massive trading volumes in altcoins such as OM, AMP, NEXO, POLS, SUN, ARDR, BIFI, XVS, ARK, LOOM, OSMO, suspected to still be related to the leak of trading bot API keys like 3Commas and hacking incidents. (source link)

ChainCatcher message, Binance founder Zhao Changpeng tweeted that Binance has sent notifications to users of Skyrex and 3commas urging them to reset their API keys.Previously, Binance user Carlos's account was suspected to have been accessed by others, and the account funds were allegedly lost due to a wash trading purchase of AXS. Subsequently, Skyrex admitted to being attacked, and Binance also stated that it would attempt to disable all API keys that had been used on Skyrex. (source link)

ChainCatcher news, FTX founder Sam Bankman-Fried (SBF) tweeted that some users accidentally registered on fake other websites, including 3Commas, providing their FTX API keys to use the website's trading tools. Other users may also have been phished through other methods. FTX will provide approximately $6 million in compensation to account holders affected by the phishing incident through third-party websites, but "this decision is a one-time occurrence, as FTX will not develop a habit of compensating users caught in phishing activities targeting non-FTX websites."In addition, SBF stated that if 95% of the $6 million stolen from FTX accounts is returned within 24 hours, they will be exempt from liability. (Source link)

ChainCatcher news, according to The Block, a survey conducted by the trading bot platform 3Commas and the cryptocurrency exchange FTX revealed that API keys associated with 3Commas were used for unauthorized trading of the DMG trading pair on FTX. 3Commas stated that the API keys may have been obtained from third-party phishing attacks or hacks. Additionally, 3Commas mentioned that they have been in close contact with and providing assistance to the victims of this key leak.It is reported that 3Commas announced in September the completion of a $37 million Series B funding round led by Target Global, Alameda Research, Jump Capital, and Dmitry Tokarev, the founder and CEO of Copper. (The Block)

Chain Catcher news, cryptocurrency automated trading robot platform 3Commas has completed a $37 million Series B funding round, with participation from Alameda Research, Jump Capital, Target Global, and Copper CEO and founder Dmitry Tokarev. Next, 3Commas will establish a subsidiary named DeCommas, focusing on automated access to decentralized finance (DeFi) protocols. Previously, in 2020, 3Commas completed a $3 million funding round with support from Alameda. (The Block)