On December 29th, popular on-chain sleuth and crypto Twitter community member @zachXBT notified their followers that they had received a message from an anonymous account that shared a database containing the API trading keys of 3Commas users.

3Commas Confirms the API Key Data Leak as Being Authentic

@zachXBT added that they had immediately started verifying the data’s validity by sharing it with exchanges which helped confirm that they belonged to actual 3Commas users. ‘Unfortunately, it seems they will be publishing the full database of 3Commas users soon,’ they Tweeted.

A few hours later, 3Commas CEO Yuri Sorokin tweeted that he and his team had seen the hacker’s message and confirmed that the data was legit.

‘As an immediate action, we have asked that Binance, Kucoin, and other supported exchanges revoke all the keys that were connected to 3Commas,’ he added.

Mr Sorokin added that they had done their best to investigate the root cause of the leak, including the probability of it being an inside job. However, the 3Commas team did not find evidence that the leak came from within the organisation. He explained that they have added new security measures and are involving law enforcement in further investigations.

Binance, OKX and KuCoin Advise 3Commas Users to Reset their API Keys and Whitelist IP Addresses

The leak of the 3Commas users’ API database and the confirmation by Mr Sorokin prompted leading exchanges such as Binance, OKX and KuCoin to advise their users, who also use the trading bot to reset their API keys and whitelist IP addresses.

‘I am reasonably sure there are widespread API key leaks from 3Commas. If you have ever put an API key in 3Commas (from any exchange), please disable it immediately,’ tweeted Binance CEO CZ.

The team at OKX added that their market monitoring tool had successfully stopped ‘at least two cases of abnormal 3Commas API keys usage in November.’ The OKX team also recommended users of 3Commas regenerate their API keys and whitelist IP addresses that will be using them.

Similarly, the KuCoin team tweeted that they had ‘temporarily disabled the trading authority of APIs that have been leaked or may be at risk of leaking due to the recent 3Commas API incident.’ They also recommended users regenerate new API keys and bind them to an IP address.

3Commas API Keys Have Caused Massive Losses Through Contratrading

The developments regarding leaked 3Commas API keys come after dozens of its users claimed that their bots had been used to execute unauthorised trades on Binance, KuCoin, FTX and Coinbase, leading to massive losses to the tune of millions.

Such incidents date back to mid-October, and the former FTX CEO had even pledged $6 million to affected users before the exchange went bankrupt.

(By John P. Njui)