News

Binance Warns About 3Commas API Leak, Says Users Should Disable Keys

single-image

Key Points

  • Binance CEO Changpeng Zhao said he’s “reasonably sure” there were “wide spread API key leaks” from trading-bot platform 3Commas after fresh speculation emerged on social media Wednesday.
  • A 3Commas spokesperson said the company had seen a message from the hacker and confirmed the data in the posted files was real.

Binance CEO Changpeng Zhao said he’s “reasonably sure” there were “wide spread API key leaks” from trading-bot platform 3Commas after fresh speculation about an October incident emerged on social media on Wednesday.

Stay in the know on crypto by frequently visiting Crypto News Today

A 3Commas spokesperson confirmed the leak in a statement to The Block. 

“I strongly believe @tier10k is correct here,” he wrote on Twitter, referring to a post from a user that said an API leak had been published. “If you have ever put an API key in 3Commas (from any exchange), please disable it immediately.” 

An investigation conducted by 3Commas and the now-collapsed FTX crypto exchange in October revealed that API keys had been used to conduct unauthorized trades for DMG trading pairs. The 3Commas team was alerted to the incident on Oct. 20, when FTX API keys connected to the platform were used to perform unauthorized trades.

3Commas said at the time that the API keys were not taken from the company and had probably been obtained from a third-party phishing attack or hack.

3Commas confirms leak

A 3Commas spokesperson on Wednesday said the company had seen a message from the hacker and confirmed the data in the posted files was real.

By signing-up you agree to our Terms of Service and Privacy Policy

“As an immediate action, we have asked that Binance, Kucoin and other supported exchanges revoke all of the keys that were connected to 3Commas,” the spokesperson said in an emailed response to questions from The Block. “We are sorry that this has gotten so far and will continue to be transparent in our communications around the situation.”

The company said that it has not found proof of an “inside job.”

“Only a small number of technical employees had access to the infrastructure and we have taken action since November 16 to remove their access,” the spokesperson said. “Since then, we have implemented new security measures and will not stop there; we are launching a full investigation involving law enforcement.”CRYPTOCASTER® - DECENTRALIZED FREEDOM!
Read More at THEBLOCK


Please Read Essential Disclaimer Information Here.
© 2022-2023 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.


Contribute to CryptoCaster℠ Via Metamask or favorite wallet. Send Coin/Token to Addresses Provided Below.
Thank you!
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
MATIC – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
LITECOIN – ltc1qxsgp5fykl0007hnwgl93zr9vngwd2jxwlddvqt

You may also like