Crypto trading robot 3Commas confirms claims that its platform was compromised and user data was leaked.
Yuriy Sorokin, CEO of 3Commas. confirmed the security breach that claimed API (application programming interface) keys were stolen after Binance CEO Changpeng Zhao have warned investors of the situation.
“We have seen the message from the hacker and can confirm that the data in the files is true. As an immediate action, we requested that Binance, Kucoin and other supported exchanges revoke all keys that were associated with 3Commas. »
Last week, on-chain researcher ZachXBT saying it he received a message from an anonymous Twitter user who claimed to have over 100,000 3Commas user API keys.
“Six hours ago an account sent me a message and over 100,000 API keys. [database] with 3Commas users’ API keys. I started working to confirm its validity and quickly shared the information with exchanges. It looks like they will be releasing the full 3Commas user database soon. »
In November, allegations circulated on social media that the company’s employees were stealing API keys. At the time, 3Commas released a statement saying bad actors were making false accusations using manipulated evidence.
“We are now seeing individuals on Twitter and YouTube circulating fake screenshots of Cloudflare logs in an attempt to convince people that there was a vulnerability within 3Commas and that we were irresponsible enough to allow access to user data and logs.”
Sorokin goes on to address claims that 3Commas employees were behind the leak.
“We did everything we could to investigate an inside job as it was always a possible scenario and it was on our watch list, but the evidence of an inside job did not come to light. not found. Only a small number technical staff had access to the infrastructure, and since November 19 we have taken steps to remove their access. »
He said the company is currently implementing new security measures and launching a full investigation involving law enforcement.
“We are sorry that it has gone this far, and we will continue to be transparent in our communications about this situation.”