Contrary To Earlier Claims, 3Commas Admits API Keys Were Leaked

After months of accusing the victims of having lax security procedures, 3Commas finally acknowledged that the API keys were indeed stolen.
Back in October, there were already warning signs of disaster. At the time, 3Commas was accused of disclosing API keys, which gave malicious actors access to the APIs offered to end customers, with terrible results.
3Commas is an automated trading platform that gives users access to an API which they can connect to exchanges, enabling the bot to execute split-second trades when a profit opportunity is identified.
If the key connecting the API to the platform were intercepted, a malicious actor could theoretically hijack the end user’s crypto exchange account without the trader’s password, email, or other personal information.
Using the 3Commas API, around $6 million was stolen from FTX accounts in October. Even though these funds were taken without FTX’s involvement, the company decided to refund the customers because it was reportedly solvent.
SBF emphasized, though, that the refund was an isolated case.
A similar incident happened a little over a month later, this time on Binance.
Since there was no way to verify the user’s good faith, the exchange declined to issue a refund to the customer, according to CZ.
Even if the user had operated in good faith, this was not necessarily a mistake on Binance’s part because phishing might have taken place outside of the platform altogether.
Nearly three weeks later, CZ returned to Twitter to urge users to deactivate any 3Commas API keys on Binance because he believed there was a widespread fundamental breach.
The post raised red flags within the community, and less than a day later, Yuriy Sorokin, the CEO and founder of 3Commas, acknowledged that his company was responsible for the leaked keys.
In Sorokin’s opinion, however, there is no evidence that this was an inside job.
“We did everything that we could to investigate an inside job, as it was always a possible scenario and on our watch list, but proof of an inside job was not found. Only a few technical employees had access to the infrastructure, and we have taken action since November 19 to remove their access.”
This is in sharp contrast to Sorokin’s statements two weeks prior, in which he asserted that 3Commas was not at all to blame and accused victims of fabricating evidence.
Traders are furious about the situation, and many are hoping for reimbursements and additional information to be made public.








