Categories: News

3Commas API Database:Revealed By Anonymous Twitter User

3Commas repeatedly informed users that they had been “polished” after widespread hacks.

An anonymous Twitter user has obtained nearly 100,000 API keys belonging to 3Commas customers. Whereas, over 10,000 of the keys were released by the leaker on Wednesday. According to him, the rest will be published full randomly in the upcoming days.

Yuriy Sorokin, CEO of 3Commas confirmed the news and the authenticity of the leak in a tweet on Wednesday.  In addition, he also said that ” as an immediate action, we have asked the Binance, Kucoin and other supported exchanges to revoke all the keys that were connected to 3Commas”.

The leak comes after dozen of users complained that their API keys have been illegally used to execute trades on platforms. Those exchanges include Binance, Kucoin, and Coinbase without their consent. Previously, Coindesk already reported,3Commas confirmed that users lost at least $ 6 million to attackers starting in October.

On the other hand, multiple users have said that the amount has at least doubled in recent weeks.

However, Coindesk is not linking or naming the pseudonymous leaker’s Twitter account. Because doing so could further expose sensitive private information.

3Commas initially told Coindesk that phishing attacks were to blame for its users’ losses. Though, over 50 of them have banded together in Telegram group chats. The users have insisted that their credentials must have been leaked by 3Commas or an exchange like Binance or Coinbase.

However, Wednesday’s data has given clear evidence that the credentials leaked rather than phished. Many 3Commas users confirmed the news to Coindesk that they were able to find their API keys among those that the leakers shared.

In a tweet, 3Commas ‘Sorkin noted that he and his company “did everything that we could to investigate an inside job, as it was always a possible scenario and on our watch list, but proof of an inside job was not found”.

On Wednesday afternoon, Binance CEO Chengpeng Zhao issued a warning to users before 3Commas made its statement. “If you ah e ever entered an API key into 3Commas, please disable it immediately”.

Now, 3Commas allows users to create trading bots that automatically carry out trades on their behalf on external cryptocurrency exchange. Users enter the API key they receive from those exchanges into 3Commas to give the app access to their accounts.

Alas, the leaker claims that the API keys released this week were produced on Binance or Kucoin.

Read more:

 

Sponsored
Senoria Khursheed

Leave a Comment
Share
Published by
Senoria Khursheed

Recent Posts

Microsoft Launches AI-Powered “Support Virtual Agent” for Xbox Users

Microsoft has launched its AI-powered “Support Virtual Agent” chatbot for Xbox Insiders in the U.S.,…

5 hours ago

Musk Says Tesla Won’t Enter Smartphone Market Unless Necessary

Android Authority recently polled its users to find out if they would purchase a Tesla…

5 hours ago

Sukkur IBA Sets Seven Conditions for Conducting MDCAT

The Secretary of the Sukkur IBA Testing Agency has formally requested urgent action from the…

5 hours ago

PSEB Opens Bidding for Nationwide e-Rozgar Centers

The Pakistan Software Export Board (PSEB) has launched a nationwide program to encourage IT startups…

6 hours ago

Google Play Services Bug Disrupts Access to Apps for Pixel Users: Here’s How to Fix It

A significant issue with Google Play Services has left many Pixel users unable to access…

6 hours ago

WhatsApp Beta Partners with Google for Innovative Image Search Feature

When it comes to Android messaging apps, WhatsApp stands out as one of the best.…

6 hours ago