Get the scoop on finance - sign up for mobile alerts
Scams, Hacks & Breaches
| On
December 30, 2022

Privacy of 100,000 Crypto Traders Compromised As Trading Bot Firm Confirms Hack After Warning From Changpeng Zhao

By Rhodilee Jean Dolor

Crypto trading bot 3Commas is confirming allegations that its platform has been compromised and user data was leaked.

3Commas CEO Yuriy Sorokin affirmed the security breach, saying that API (application program interface) keys have been stolen after the chief executive of Binance, Changpeng Zhao, warned investors about the situation.

ADVERTISEMENT

“We saw the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas.”

Last week, on-chain researcher ZachXBT says he received a message from an anonymous Twitter user who claims to have over 100,000 API keys of 3Commas users.

“Six hours ago an account messaged me and sent over a [database] with API keys of 3Commas users. I began working to verify its validity and quickly shared the info with exchanges. It seems they will be publishing the full database of 3Commas users soon.”

In November, claims on social media were circulating that the firm’s employees were stealing the API keys. At the time, 3Commas issued a statement saying that bad actors have been making false accusations using doctored evidence.

ADVERTISEMENT

“We’re now seeing individuals on Twitter and YouTube circulating fake screenshots of Cloudflare logs in an attempt to convince people that there was a vulnerability within 3Commas and that we were irresponsible enough to allow open access to user data and log files.”

Sorokin goes on to address the allegations that 3Commas employees are behind the leak.

“We did everything that we could to investigate an inside job, as it was always a possible scenario and on our watch list, but proof of an inside job was not found. Only a small number of technical employees had access to the infrastructure and we have taken action since November 19 to remove their access.”

He says that the firm is now implementing new security measures and is launching a full investigation involving law enforcement.

“We are sorry that this has gotten so far and will continue to be transparent in our communications around the situation.”

ADVERTISEMENT
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on X, Facebook and Telegram
Surf The Daily Hodl Mix
&nbsp
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Featured Image: Shutterstock/jovan vitanovski/Sensvector