Following the initial warning raised by Binance CEO Changpeng Zhao (CZ) over 3Commas API Key leak, the CEO of the crypto trading platform Yuriy Sorokin has confirmed the incident, stressing that the leak was discovered to be an inside job.
1. Statement from 3Commas:
We saw the hacker’s message and can confirm that the data in the files is true. As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas.
— Yuriy Sorokin (@YS_3Commas) December 28, 2022
Sorokin added that the trading platform has urged leading exchanges like Binance, Kucoin, and others to revoke all the keys that were connected to 3Commas.
Regarding the in-house member that perpetrated the attack, Sorokin remarked that the platform explored every means with a view to uncovering the identity of the person but the efforts proved abortive.
He further revealed that only a few technical workers at 3Commas company had access to the infrastructure but there has been overhauling of the system after the incident to remove their access.
Sorokin added that the trading platform had executed a couple of security measures in order to protect customers and will soon engage the services of law enforcement so as to get to the root of the matter.
While the trading platform has demonstrated deafening silence over the incident until now, Binance CEO CZ asserted on Dec. 28 that he is decidedly sure that API Key leaks have been occurring at 3Commas. He thus urged users to disable it.
I am reasonably sure there are wide spread API key leaks from 3Commas. If you have ever put an API key in 3Commas (from any exchange), please disable it immediately.
— CZ 🔶 Binance (@cz_binance) December 28, 2022
Reactions and Observations on 3Commas
Prior to the latest incident, controversy has been hovering over the safety of 3Commas which prompted Binance to cancel the account of a user on Dec. 9 over a complaint of compromised API Key.
Instead of acknowledging the incident and taking responsibility, 3Commas CEO Yuriy Sorokin blatantly denied in a company blog that screenshots and fake news were being spread that the platform has lax security.
In light of the new development, users such as Coinmamba reacted that 3Commas has been lying instead of taking responsibility in order to prevent further exploits. He thus queried if the platform will refund affected users.
In the same vein, ZachXBT expressed dismay that the crypto trading platform shows little or no interest in its users.