Last Updated: 29 December 2022
Lep op: do you use the services of 3Commas? Then pay attention. It seems there has been a data breach, leaving API keys on the street.
3Commas is a trading bot that you can hook up to exchanges. Changpeng Zhao, the CEO of Binance, posted an alert on Twitter about the possible data leak. Soon after, the company itself came out with a response.
Zhao said he is “reasonably certain that major leaks of API keys” have taken place. Speculation arose about an incident in October at FTX.
“I am convinced that @tier10k is right here. If you have ever placed an API key in 3Commas (from any central exchange), turn it off immediately.”
I am reasonably sure there are wide spread API key leaks from 3Commas. If you have ever put an API key in 3Commas (from any exchange), please disable it immediately.
— CZ 🔶 Binance (@cz_binance) December 28, 2022
Meanwhile, a spokesperson for 3Commas confirmed to The Block that the problem was on their side.
In early October, there was an investigation by 3Commas into strange things on the now-bankrupt FTX. It turned out that API keys had been used to perform unauthorised transactions for DMG trading savings.
The 3Commas team was informed of this on 20 October. The company said at the time that the keys had not been stolen from them and had probably been obtained through a phishing attack or third-party hack. Now, the spokesperson confirms that it was therefore indeed a leak at 3Commas itself.
They had received a message from the hacker and confirmed that the data was genuine. Lists of the API keys were also circulating on Twitter. Subsequently, 3Commas said it immediately contacted exchanges such as Binance and Kucoin, asking them to “unlink” all keys from 3Commas.
The company said it found no evidence of an ‘inside job’.