Crypto trading service 3Commas confirmed the company’s database was breached. Threat actors took user API data, putting users in danger of losing assets.
Estonia-based crypto service 3Commas fell victim to a data breach that supposedly leaked the Application Programming Interface (API) data of 100,000 users, resulting in them losing millions of dollars worth of crypto.
According to 3Commas’ CEO, Yuriy Sorokin, the company first heard about the hack when threat actors announced on Pastebin they accessed Application Programming Interface (API) data stored in 3Commas’ database.
“3Commas can unfortunately confirm that some of 3Commas’ users’ API data (API keys, secrets and passphrases) have been disclosed by a third party,” Sorokin said in a statement.
Traders use API keys to grant third-party programs access to their personal accounts on cryptocurrency exchanges. For example, 3Commas allows users to set up trading bots that automatically execute trades on their behalf.
API keys allow service providers like 3Commas to perform actions on their behalf, including executing automatic trade orders without logging into the exchange.
“Currently and to the best of our knowledge only API data have been disclosed as part of this incident. As a likely consequence the hacker(s) may use or may have used the API data to connect your exchange accounts to his/their account and/or initiate unauthorized trades,” Sorokin said.
Upon learning about the incident, 3Commas’ asked crypto exchanges to revoke all keys connected to the company. 3Commas users are advised to reissue API keys used to connect to crypto exchanges such as Binance or KuCoin.
Reports about a possible API data leak have started circulating early this month. The company has repeatedly said it did not leak API data, instead explaining to users what phishing is and how the practice evolved to target crypto traders.
The company’s behavior raised some eyebrows since hackers who announced the breach said a 3Commas employee sold them the data. Media reports indicate that the FBI is involved in investigating the breach.
More from Cybernews:
Subscribe to our newsletter