OKX, one of the world’s largest digital asset exchanges, has announced via Twitter that it is aware of the security incident involving 3Commas and has taken immediate actions to ensure user funds are safe.
According to reports, hackers leaked around 10,000 API keys belonging to 3Commas users, which were linked to prominent exchanges, including Binance, Kucoin, OKX, and Coinbase. OKX stated that it will continue to support 3Commas through this incident.
There have been numerous complaints from 3Commas users in recent weeks, claiming that their API keys were used to execute trades without their consent, resulting in the loss of funds. In total, it is estimated that 3Commas users have lost around $6 million to these attackers since October.
OKX continues support for 3Commas despite the hack
In response to the hack, 3Commas has verified that employee access to technical infrastructure has been revoked and new security measures have been put in place. OKX has also deployed transaction monitoring and refreshed API keys for all impacted users.
It’s believed that the hack may have been the result of an internal leak rather than a vulnerability in the 3Commas codebase. Despite the incident, OKX emphasized its support for 3Commas and the importance of their trading bots, particularly in the current market conditions.
3Commas admits to API breach after denying community report for months
After denying a community report about an API leak for months, 3Commas admitted to the breach earlier today. This news has prompted victims of the breach to demand a refund of their lost funds and an apology from the company for its handling of the situation.
Initially, 3Commas CEO Yuriy Sorokin denied the possibility of a rogue employee being responsible for the leak, instead blaming any exposed APIs on phishing attacks on users.
3Commas CEO Yuriy Sorokin had previously refuted claims that screenshots circulating on YouTube and Twitter, showing the company’s Cloudflare logs and claiming to reveal the public exposure of customers’ API keys via the 3Commas dashboard, are genuine.
Sorokin stated that these screenshots were fake and an attempt to persuade people that there was a vulnerability in 3Commas and that the company had been irresponsible in its handling of user data and log files.
Slow taking action
In a blog post published on Dec.10, Sorokin asked individuals impacted by the situation to report the incident to authorities so that their exchange accounts could be frozen and further loss of funds could be prevented. He urged individuals to take action quickly.
Later on, in a statement released on Dec.28, Sorokin changed his stance and admitted to the API breach, confirming the validity of the API keys that were published by the hacker.
According to Sorokin, the company conducted a thorough investigation into the possibility of an inside job but found no evidence of such activity. He also assured the public that access to sensitive information has been limited for technical employees since Nov.19 and that law enforcement has been fully involved in the investigation.
As a result of the breach, victims of the illicit trades are calling for a refund of their lost funds and an apology from 3Commas for its handling of the situation. In response, Sorokin has promised tightened security measures to prevent future breaches.