- The news broke when an unknown Twitter user leaked almost 100,000 API keys.
- CZ said that 3Commas users should disable their API keys.
Last week, a group of investors claimed that $22 million in cryptocurrency had been taken from the trading platform 3Commas due to a breach in the company’s API credentials. Wednesday, 3Commas disclosed that it was responsible for the API vulnerability. The news broke when an unknown Twitter user leaked almost a hundred thousand API keys belonging to 3Commas customers.
Early on, 3Commas denied any responsibility for any security breach. The co-founder Yuriy Sorokin speculated repeatedly on Twitter that a phishing assault was to blame for consumers’ disclosure of sensitive information.
On Wednesday, Sorokin tweeted:
“We saw the hacker’s message and can confirm that the data in the files is true… We are sorry that this has gotten so far and will continue to be transparent in our communications around the situation.”
Users Advised to Disable API Keys
To facilitate automatic trading, 3Commas enables users to connect various cryptocurrency exchange accounts. Such as those held on Binance, to a single platform. APIs (application programming interfaces) are the standard procedures for allowing different pieces of software to interact with one another and carry out operations.
It’s supposed to save people time and effort by eliminating the need for them to consciously consider the specifics of their trades. Instead, everything is done promptly and automatically by code. That is unless the wrong individuals get access to the APIs.
Binance CEO Changpeng Zhao tweeted on Wednesday that he was pretty positive there were “widespread API key leaks” from 3Commas. CZ also said that 3Commas users should disable their API keys. In fact, 3Commas has just begun proposing exactly this.
Recommended For You: