3commas

3Commas: The API key and exchange attacks are caused by hacker attacks rather than system vulnerabilities, and API keys that have not been used for over 3 months will be revoked

ChainCatcher news, the founder and CEO of the trading bot platform 3Commas, Yuriy Sorokin, released an update on the investigation regarding API key and exchange attacks, after many users of Binance, OKX, FTX, and several other exchanges experienced unauthorized trades initiated through API keys. 3Commas stated that they collected a lot of information from affected users, which shows that each case is different; apart from the unauthorized trading activity, there are no common patterns or connections between the reported cases. A large number of high-net-worth individuals who extensively use 3Commas were not affected, indicating that there is no vulnerability in the 3Commas system. 3Commas indicated that the attacks were caused by "hacking" rather than phishing.It is reported that 3Commas strongly recommends that any users affected by this issue report to their local police department or cybercrime unit, to enable exchanges to freeze the accounts of the perpetrators, increasing the likelihood of partial or full fund recovery for the victims. The team is ready to cooperate with users, exchanges, and the Estonian police to assist in the ongoing investigation to capture the attackers. Next, 3Commas will continue to work with exchanges to provide more and safer exchange connection options, such as Fast Connect; disable old and inactive trading API connections that have been inactive for over 90 days; contact various exchanges to provide public API keys for disabled connections so that they can be removed on the exchange side to ensure user safety. Additionally, all users are advised to review their trading API keys.On December 11, Binance experienced another large-scale wash trading incident, with sudden massive trading volumes in altcoins such as OM, AMP, NEXO, POLS, SUN, ARDR, BIFI, XVS, ARK, LOOM, OSMO, suspected to still be related to the leak of trading bot API keys like 3Commas and hacking incidents. (source link)
ChainCatcher Building the Web3 world with innovators