Business News Report
December 29, 2022

3Commas data leak confirmed; hackers threaten to publish over 100k leaked API keys

3Commas data leak

3Commas customers are facing a data leak, and thousands of API keys may be published online in the coming days.

Earlier today, Twitter user and on-chain sleuth ZachXBT looked into the 3Commas data leak. Hackers have access to a database containing more than 100k API keys, and they are planning to publish the database online in the coming days.

Since the severity of the situation became known, the FBI has begun an investigation into the data leak. CoinDesk reports that agents from the FBI’s Cincinnati Field Office have contacted two 3Commas users in relation to the leak.  

3Commas is a company promising to “revolutioniz[e] how people invest and trade.” It offers crypto trading bots for major cryptocurrency exchanges, including Binance, Coinbase KuCoin, and Crypto.com. However, there has been some talk that the platform is not as secure as it promises. Earlier this month, 3Commas users started reporting “unauthorized trades on their CEX accounts.” However, the company denied any wrongdoing and blamed phishing for customers losing their funds. As of December 20, at least $14.8 million in total was stolen from 44 people.

According to the messaging from the person or people who have access to the database, the leak is not caused by a bug or exploit, but 3Commas is allegedly responsible for it. They claim 3Commas “sold your information to the biggest bidder.”

“Here is some copies of Binance and KuCoin – trade apis provided by 3commas staff we have the whole database we will be leaking it when we are done filtering your personal informations, so people don’t get doxed, we will only release the api keys,”

hackers wrote.

Both ZachXBT and later 3Commas confirmed that at least some of the API keys are legitimate; some have already been used to access people’s funds. Victims have confirmed their API keys were on the list. According to the hackers, it could have been worse already, as they reportedly have “access to over a billion dollars on APIs.” The hackers claim they “didn’t use them [and] wanted just to teach everybody a low lesson, not a hard one.”

3Commas has finally acknowledged the leak took place, but it denies any wrongdoings or possibility the hack was “an inside job,” claiming no evidence was found. According to the statement made by 3Commas, a “small number of technical employees had access to the infrastructure,” and the company has taken steps to remove their access.

“We have seen the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have requested that Binance, Kucoin and other supported exchanges revoke all keys that were connected to 3Commas,” 3Commas tweeted earlier today.

Whether it is too little, too late remains to be seen as more 3Commas customers are facing possible data leaks. The hackers are raising one important issue, though: Are your crypto assets really safe? Luna crash, 3AC crash, and Alameda Research and FTX crash are just some of the major events that have shaken the crypto space this year alone.

Related posts:

Disclaimer

In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.

About The Author

Karolina is a writer and journalist with a background in literary studies. She loves exciting tech solutions and art, and NFTs are often a perfect amalgamation of the two. Outside of work, she’s a plant mom, a vintage fashion enthusiast, and a gamer.

More articles
Karolina Gaszcz
Karolina Gaszcz

Karolina is a writer and journalist with a background in literary studies. She loves exciting tech solutions and art, and NFTs are often a perfect amalgamation of the two. Outside of work, she’s a plant mom, a vintage fashion enthusiast, and a gamer.

Hot Stories
Join Our Newsletter.
Latest News

Swiss Crypto Bank SEBA Rebrands to AMINA Bank AG

by Kumar Gandharv
December 01, 2023

Web3 Fundraising Report Q3 2023: A Overview of Evolving Trends and Strategies

In this report, we explore all the trends in the AI, crypto and web3 sectors and identify ...

Know More

Virtual Reality Superior Than Video Conferencing for Remote Work Collaboration: PWC Report

In today’s modern era of remote work, the traditional landscape of digital meetings and workshops is undergoing ...

Know More
Join Our Innovative Tech Community
Read More
Read more
Bitcoin Rally Boosts Crypto Stocks to Nearly 19-Month High as December Begins
Markets News Report
Bitcoin Rally Boosts Crypto Stocks to Nearly 19-Month High as December Begins
December 1, 2023
KuCoin Ventures Allocates $20,000 Grant to Foster TON Ecosystem Expansion
News Report Technology
KuCoin Ventures Allocates $20,000 Grant to Foster TON Ecosystem Expansion
December 1, 2023
Swiss Crypto Bank SEBA Rebrands to AMINA Bank AG
News Report Technology
Swiss Crypto Bank SEBA Rebrands to AMINA Bank AG
December 1, 2023
European Union Struggles to Agree on Generative AI Regulations Ahead of Planned Legislation
News Report Technology
European Union Struggles to Agree on Generative AI Regulations Ahead of Planned Legislation
December 1, 2023
What You
Need to Know

Subscribe To Our Newsletter.
Daily search marketing tidbits for savvy pros.