Crypto trading company 3Commas is in the eye of a storm: while some accuse its employees of stealing users’ API keys, the company insists such claims are fake.
In a recent post, the CEO of 3Commas, Yuriy Sorokin, stated that screenshots of the Cloudflare logs circulating on YouTube and Twitter are fake:
“It was an attempt to persuade people that there had been a vulnerability in 3Commas and we had been irresponsible enough to enable open access to data about users and log files.”Yuriy Sorokin, CEO of 3Commas
The screenshots demonstrate how customers’ API keys were purportedly made public via the 3Commas dashboard hosted on Cloudflare.
In a separate blog post published on December 10, however, Sorokin asked individuals affected to report the incident to the authorities so that their exchange accounts could be frozen. He urged to do it ‘quicker’ to prevent the leak of funds.
Initially, a leak was discovered by a crypto trader nicknamed CoinMamba. He stated that his funds were stolen via an API he installed several years ago and shared with 3Commas only.
Later CoinMamba claimed his account on Binance was banned after he reported his lost funds. In a tweet that is now deleted, Binance’s CEO CZ claimed he was considering banning the user who reported the leak.
Both Binance and 3Commas refuted the leak. 3Commas claims that the phishing assaults began in October and that the perpetrators used various methods:
“We have proof that phishing was, to some extent, a contributory element. We released a blog piece here displaying several fraudulent 3Commas sites that were established. Some of them are still online, despite our best attempts to have them eliminated.”Yuriy Sorokin, CEO of 3Commas
Following the incident, 3Commas decided to terminate connections to the Exchange API that are more than ninety days old.