As a result of the API keys of third-party apps like 3Commas being exposed, more users are suffering financial losses. Due to a recent incident involving the Twitter account CoinMamba, Binance is considering restricting 3Commas’ access to its platform if the company does not immediately stop leaking API information.
Following the disclosure of the user’s confidential Application Programming Interface (API) keys, Binance was of the opinion that the user was not entitled to any form of compensation. Although API key leaks and cases involving 3Commas are not new, anyone who uses the 3Commas automated trading platform on Binance or any other exchange needs to be alarmed by the increasing number of cases.
Today, Binance CEO Changpeng Zhao (CZ) disclosed the company’s inquiry into the matter on Twitter. He said, “Based on our investigations so far, this appears to be just market behavior. One guy deposited funds and started buying. (Hackers don’t deposit). Other guys followed. Can’t see a linkage between the accounts.”
He went on to say that Binance momentarily froze withdrawals on some of the profitable accounts, which resulted in a large number of complaints from various nations on social media. Changpeng Zhao stated that Binance is cognizant of the concept of excessive platform intervention, “too centralized” attacks, etc. According to him, there is an optimal level of Binance intervention; sometimes these events occur in a free market, and Binance must allow them to play out.
The Background Story
On December 11, it was reported that a large number of alternative cryptocurrencies, such as OM, AMP, NEXO, POLS, SUN, ARDR, BIFI, XVS, ARK, LOOM, and OSMO, were contra-traded on the leading cryptocurrency exchange, Binance. Exploitation occurred as a result of a vulnerability in the API key for the 3Commas trading bot, which is being looked into by the 3Commas team.
The 3Commas team is collaborating closely with the Binance team at the moment. Additionally, the automated cryptocurrency trading bot disclosed in a report that any existing keys that have been inactive for more than three months will be revoked. In the investigation update document that was made public by 3Commas, the business addressed the illicit trades.
These trades were conducted on exchanges such as Binance, FTX, and OKX by using API keys that had been compromised through hacking. 3Commas has reason to believe that the attackers obtained the API data over an extended period of time, although it is unable to confirm any of the specifics.
According to 3Commas’ investigation, “The perpetrators waited for the market to slow down and provide a window where many trading pairs were illiquid and easier to manipulate.” The investigation also brought to light the fact that 3Commas is relying on law enforcement authorities to give a full analysis based on the information that has been provided by the exchanges.
In addition, the well-known poker player and creator of Worldpokerdeals, Rodion Longa, said in a tweet that his Binance account had been compromised as a result of the 3Commas API leak, which led to the theft of BUSD stablecoins worth a total of $450,000. Longa further stated that there is no way that this is a phishing attack because he has not utilized the API for the 3Commas trading bot in the past 11 months.
Additionally, the anonymous Twitter account CoinMamba said that the user’s Binance account was hacked through an API that the user had built two years prior but could not recall anything about. At the same time, he informed the Binance team about the situation and demanded that they compensate him.
Binance And 3Commas At Conflict
Changpeng Zhao advised customers in November to delete unused API credentials and to be cautious when utilizing Skyrex and 3Commas. During the same time frame, 3Commas stated that they were also combating phishing efforts against users of other exchanges. Specifically, users of the now-defunct FTX exchange lost nearly $6 million to phishing attacks, but they were compensated by the exchange.
Binance asserted that the problem was API key breaches on the part of 3Commas and not necessarily phishing attempts. On the other hand, Yuriy Sorokin, founder and chief executive officer of 3Commas, asserted that the attacks were examples of phishing and could have happened to anyone, including Binance.
In point of fact, he interpreted CZ’s attitude against 3Commas’s attempt to acquire it as fear, uncertainty, and doubt (FUD), and he stated that he was prepared to provide Binance the equity stake that Alameda Research had previously abandoned. 3Commas was the recipient of a $3 million investment from the now-defunct Alameda Research.
Even though the user CoinMamba was responsible for failing to delete his API keys, the company’s response was not very remarkable either. Since then, Binance has taken the action of restricting CoinMamba’s account so that it can only be used for withdrawals, citing the user’s potential risk to Binance’s customer service.
Today, the CEO of Binance made public on Twitter the investigation that the business is conducting into the incident. He stated that it seems that this is just normal market behavior because one person deposited funds and began buying (hackers don’t deposit). He further added that Binance is unable to identify a connection between the accounts because other individuals followed suit.
Previously, CZ also indicated that they had internally agreed to block 3Commas’ access in the event that it does not stop API key leaks. It is possible that the recommendation made by Binance to prohibit access to 3Commas will avoid additional losses. However, users need to be extra careful with API credentials. Extra caution should be exercised with any third-party applications that you permit to interact with your trades.