Cryptocurrency trading platform 3Commas has confirmed that it suffered a data breach that resulted in the theft of API data.
According to the announcement, an unknown threat actor posted 3Commas’ API database to Pastebin on December 28.
After an analysis of the database, the company confirmed its authenticity, stating that “at this time, 3Commas can unfortunately confirm that some of 3Commas’ user API data (API keys, secrets, and passwords) has been compromised by a third party”.
While the current leak revolves around API data, 3Commas does not rule out the possibility of other data being stolen: “Currently, as far as we know, only API data has been disclosed as part of this incident. As a possible consequence, hackers may use or may have used API data to link your trading account to his/their account and/or initiate unauthorized transactions,” it said.
In a notice sent to users via email and blog post, the company said it had made great strides in protecting its users and their funds, and reported the issue to relevant law enforcement agencies, including the FBI.
According to BleepingComputer, a set of 10,000 API keys was reportedly compromised, accounting for only 10% of the large database of 100,000. 3Commas bots typically use these keys to automatically interact with crypto exchanges, make trades, and generate profits without user interaction.
In response to the news, 3Commas urged all supported exchanges, including some of the largest – Binance, Coinbase, and Kucoin – to revoke all API keys connected to the platform. The company also urges all users to reissue their keys on all linked endpoints personally.
After investigating the leak further, the company dismissed the possibility that it was an internal job: “Only a small number of technical employees have access to the infrastructure, and we have taken steps to remove their access since November 19,” the company stated in a Twitter post.
“Since then, we have implemented new security measures and we will not stop there; we are conducting a full investigation and law enforcement will be involved,” the company added.
But the damage has already been done. Apparently, threat actors have been abusing leaked API keys since last November and have managed to steal around $6 million worth of cryptocurrency so far.
Via: BleepingComputer