Threat Management, Cloud Security

Massive API theft confirmed by crypto trading platform 3Commas

BleepingComputer reports that cryptocurrency trading platform 3Commas has been impacted by a massive API key leak, with an anonymous Twitter user exposing 10% of the 100,000 API keys it claims to have stolen from the platform. 3Commas has confirmed that valid API keys have been shared by the Twitter user and urged Coinbase, Binance, Kucoin, and other supported exchanges to revoke 3Commas-linked keys. Meanwhile, users have been called to reissue keys on linked exchanges. "Only a small number of technical employees had access to the infrastructure, and we have taken steps since Nov. 19 to remove their access. Since then, we have implemented new security measures, and we will not stop there; we are launching a full investigation in which law enforcement will be involved," said 3Commas. Prior to the confirmation, 3Commas has denied being impacted by a breach despite reports of unauthorized transactions in the platform in October and reports of nearly $6 million in cryptocurrency losses among account holders last month.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.