Cryptocurrency trading platform 3Commas has confirmed that there was a data breach where API data was stolen.
According to the announcement, on December 28, an unknown actor sent the 3Commas API database to Pastebin.
After analyzing the database, the company confirmed its authenticity, saying “at this point, 3Commas can unfortunately confirm that some 3Commas user API data (API keys, secrets and passwords) has been leaked by a third party.”
While the leaks are currently about API data, 3Commas does not rule out the possibility of downloading other data: “Currently and to the best of our knowledge, only API data has been leaked in this incident. The likely consequence of the hackers may or may have been to use API data to link exchange accounts to their account and/or initiate unauthorized transactions.
In a notice sent to users via email and blog post, the company says it has taken steps to protect its users and their funds and has reported the issue to relevant law enforcement agencies, including the FBI.
according to A Beeping Computer according to the report, a set of 10,000 API keys was leaked, which is only 10% of the 100,000 database. These keys are typically used by 3Commas bots to automatically interact with cryptocurrency exchange platforms, transact and generate profits without user interaction.
Reacting to the news, 3Commas urged all supported exchanges (including some of the largest – Binance, Coinbase and Kucoin) to revoke all API keys associated with the platform. The company also urged all users to reissue keys on all connected endpoints (opens in a new tab) personally.
By further investigating the leak, the company eliminated the possibility that it was an inside job: “Only a small number of technical staff had access to the infrastructure, and as of November 19, we took steps to remove their access,” the company said in a Twitter post.
“Since then, we have implemented new security measures and we will not stop there; We are launching a full investigation that will involve law enforcement,” the company added.
But the damage has already been done. Apparently, the cybercriminals have been abusing the leaked API keys since November and have so far managed to steal around $6 million worth of cryptocurrencies.
By: Beeping Computer (opens in a new tab)