TLDR at bottom
For those unaware, the 3Commas platform allows users to deploy automated trading bots to execute non-stop cryptocurrency trading, minimize risks, and shop the marketplace for bot presets. They offer DCA bots, Grid bots, Options bots, Futures, bots, HODL bots, Scalper Terminal, and full Portfolio management all from a single interface.
This week, an anonymous person leaked 100,000 API keys connected to the crypto trading service. The anonymous individual had reached out to users/journalists in Twitter DMs claiming that they had hacked the personal information of 3Commas' users including API keys.
The anonymous hacker claims that they intend to release their database only after personal information that could be used for doxxing is removed. They claim that they hacked 3Commas' database and that their intent to release the information stems from wanting to send a message to its users that their money and information is not safe in the hands of these companies. This seems to also be in response to the lack of action against Do-Kwon after the Luna collapse and lack of critical media coverage regarding SBF (e.g. NYT puff pieces) and the FTX collapse.
The hacker also claims that they will be releasing similar information that is associated with ALL the platforms that 3Commas could be integrated with. This includes:
Binance
Bitfinex
Bitstamp
Bittrex
Bybit
Coinbase Pro
Crypto.com
Deribit
Gate.io
Gemini
Huobi Global
Kraken
KuCoin
OKX
3Commas has responded to the claims stating that they are true and accurate, however not before blaming their users and that they may have individually fallen for phishing scams 1, 2 . [They also have a banner on their website](www.3commas.io) with a disclaimer stating that they are aware of the matter (screenshot included in case they change anything)
Over the last several months, dozens of 3Commas users found that the service had, without their consent, traded away funds on crypto exchanges they’d linked to it. Initially, 3Commas said that these users were most likely phished and insisted that the platform was safe.
The API database leaker insinuated that the 3Commas keys had been sold by someone from within the company, but 3Commas CEO Yuriy Sorokin said that “3Commas stresses that it has found no evidence during the internal investigation that any employee of 3Commas was somehow involved in attacks against the API data.”
“Since becoming aware of the suspicious activities taking place, we immediately launched an internal investigation. We will continue with the investigation in the light of the new information and also notify law enforcement authorities accordingly,” Sorokin said in the statement.
Since this has all come to light, the FBI has since begun investigating. The FBI has reached out to users affected by the 3Commas data breach.
TLDR: Anonymous hacker got access to 100k API keys from 3Commas that were linked to Kucoin and Binance. They plan to release the information once all personal information has been scrubbed hoping that it'll send a message to users that these companies are selling user information and mishandling user funds. The accounts that are currently known to be affected are those belonging to Kucoin and Binance users however that list may grow to include all exchanges that 3Commas could be integrated with. The FBI is now involved.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments