1. Home
  2. 3commas

3commas

3Commas on ‘heightened alert’ after several user accounts hacked

The firm has implemented additional security measures following an investigation that found “only a few” 3Commas user accounts were compromised.

Crypto trading bot provider 3Commas is on “heightened alert” after some of its user’s accounts were compromised and used to place trades.

An Oct. 8 blog post from 3Commas co-founder and CEO Yuriy Sorokin said it received reports from users concerning unauthorized trades on their accounts after resetting their passwords.

An investigation found “only a few customer accounts” were compromised and unauthorized trades made. 3Commas did not disclose the number of users affected.

“We will continue with our investigation into this matter,” Sorokin wrote. “Please note, however, that in the meantime, our services are running normally, and we will continue to operate in a state of heightened alert.”

The accounts with unauthorized trades mostly had not enabled two-factor authentication (2FA), according to 3Commas. It said the data accessed did not include user API data or passwords.

As additional security measures, the firm said it implemented a new approach to resetting passwords and disabled API connections after a user resets their password. It recommended that users enable two-factor authentication and regularly change their password.

Related: OpenSea ‘unaware’ of any involvement of former exec in $60M rug pull

In December 2022, the firm disclosed an incident from that October where user API keys had been leaked, leading to unauthorized trades on victim accounts.

Sorokin and 3Commas initially denied a breach had taken place and instead suggested its customers had been phished. It later relented and Sorokin admitted there had been an API leak from 3Commas.

3Commas users affected by the API leak called for refunds and an apology for being gaslighted.

“We regret that such an incident has taken place,” said Sorokin on the latest incident. He added that 3Commas is improving its security to prevent or limit similar future incidents.

3Commas did not immediately respond to Cointelegraph’s request for comment.

Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in

SEC Charges Jump Crypto Subsidiary for Role in Terra’s Stablecoin Collapse

Privacy of 100,000 Crypto Traders Compromised As Trading Bot Firm Confirms Hack After Warning From Changpeng Zhao

Privacy of 100,000 Crypto Traders Compromised As Trading Bot Firm Confirms Hack After Warning From Changpeng Zhao

Crypto trading bot 3Commas is confirming allegations that its platform has been compromised and user data was leaked. 3Commas CEO Yuriy Sorokin affirmed the security breach, saying that API (application program interface) keys have been stolen after the chief executive of Binance, Changpeng Zhao, warned investors about the situation. “We saw the hacker’s message and […]

The post Privacy of 100,000 Crypto Traders Compromised As Trading Bot Firm Confirms Hack After Warning From Changpeng Zhao appeared first on The Daily Hodl.

SEC Charges Jump Crypto Subsidiary for Role in Terra’s Stablecoin Collapse

3Commas API leak victims demand refunds and apology for ‘gaslighting’

3Commas finally admitted there was an API leak, after months of refuting community reports that it had occurred. Users were not happy about being "gaslighted."

Victims of the 3Commas API leak are calling for refunds and an apology from the crypto trading platform for being gaslighted over the whole ordeal.

The past couple of months have seen an ongoing back and forth between 3Commas and supposed victims of unauthorized trades coming from their accounts.

3Commas and its CEO Yuriy Sorokin had strongly denied any hack or breach had taken place and had refuted there could have been an inside job from an employee gone rogue. Instead, it suggested any leaked APIs were the result of customers being phished.

On Dec. 28 however, Sorokin finally admitted there had been a sizeable API leak from the firm, confirming a database of API keys shared by a hacker was legitimate:

“We saw the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas.”

“We did everything that we could to investigate an inside job, as it was always a possible scenario and on our watch list, but proof of an inside job was not found,” Sorokin added.

The community has been left bewildered by this surprise admission, considering that 3Commas had on Dec. 11 labeled customer reports of a leak as “false rumors shared by bad faith actors using falsified evidence.” 

“Just a reminder: For the last 2 months, you have blamed the victims of the hack. You have defamed the victims as ‘bad faith actors’ and alleged they ‘falsified evidence’, when it turns out 3Commas was the ones who were the bad faith actors, lying and falsifying evidence,” wrote Twitter user Pledditor.

Related: 400M Twitter users’ data is reportedly on sale in the black market

Popular crypto trader CoinMamba tweeted that “you kept lying and saying this was our fault instead of taking responsibility and prevented [sic] further exploits. Are you going to refund the users now?”

“Congrats you morons are what’s wrong with the space,” blockchain sleuth ZachXBT chimed in, after he had been posting about the API leak for weeks.

Comments were just as aggressive in response to the 3Commas tweet confirming the leak, with turgut_oztunc writing: “You are really funny guys. We will see [you in] the court if you don't recover our funds asap.“

SEC Charges Jump Crypto Subsidiary for Role in Terra’s Stablecoin Collapse

FTX to give a ‘one-time’ $6M compensation to phishing victims

FTX founder Sam Bankman-Fried said the exchange won’t be “making a habit of compensating” users that are “phished by fake versions of other companies.”

Cryptocurrency exchange FTX will provide around $6 million in compensation to victims of a phishing scam that allowed hackers to conduct unauthorized trades on certain FTX users’ accounts. 

FTX founder and CEO Sam Bankman-Fried posted in a Twitter thread on Oct. 23 that the exchange generally doesn’t award compensation to its users “phished by fake versions of other companies in the space” but in this case, it would compensate users.

Bankman-Fried said that this was a “one-time thing” and FTX would “not do this going forward.”

“THIS IS NOT A PRECEDENT,” he wrote, clarifying it was only the accounts of FTX users that would be reimbursed.

The recent phishing attack saw attackers gaining user account application programming interface (API) keys which allowed them to conduct unauthorized trades with their crypto exchange accounts.

The attack came to light on Oct. 21 after 3Commas said it was alerted that some of its users had unauthorized trading activity.

After an initial investigation, FTX and 3Commas then suspended the suspicious accounts to avoid further losses and disabled all compromised API keys.

Related: Mango Market exploiter brags after rug pulling Mango Inu 'shitcoin'

On Oct.19 Bankman-Fried published a blog post detailing his thoughts on crypto regulation that included a proposal he dubbed the “5-5 standard” where hackers keep either $5 million or 5% of the amount they’ve stolen, whatever is smaller.

In his most recent tweet thread, he thought it time to try his newly thought-up standard, imploring the hacker to send back 95%, around $5.7 million, of the stolen funds within 24 hours, saying “we’ll absolve them.”

October has been dubbed “hacktober” by the crypto community as Chainalysis revealed on Oct. 13 that October 2022 has been the “biggest month” ever for hacking activity, despite the report coming out not even halfway through the month.

At the time of the report around $3 billion had been exploited through over 125 separate incidents since the start of the month.

SEC Charges Jump Crypto Subsidiary for Role in Terra’s Stablecoin Collapse