Investors claim 3Commas was breached after phishing attack
Investors are blaming 3Commas for leaking their APIs, leading them to losses. However, 3Commas gave conflicting feedback to the community about the possible cause of the recent attack, originally blaming phishing.
Investors blame 3Commas for leaking their details
3Commas is an Estonia-based automated crypto trading platform that helps execute trades for users in FTX, Coinbase, and Binance.
According to reports, since October, multiple 3Commas users reported that their trading accounts in Coinbase, Binance, OKX, and FTX were compromised, and funds were stolen.Â
The attackers garnered over $6 million collectively from the attack. According to reports, 3Commas investors blame the network for leaking their APIs to the public. The users claim that the platform leaked their details. A Reddit user said;Â
“3Commas API Compromised (Active Threat) 50K gone in 1 hour Thanksgiving morning. If you use 3Commas, please delete your API keys as soon as possible. They are lying to us, and I am going to prove it. On Thanksgiving morning, I witnessed my trading account performing a series of coordinated counter-party unauthorized trades right in front of my eyes. In about 1 hour 50K was loss.”
Many investors have complained that the automated trading platform leaked their private information. In fact, according to the users, the attackers ran away with credentials because the attackers stole $6 million.
3Commas conflicting feedback on account phishing
Originally, 3Commas posted their version of the story mentioning that several investors’ API keys were stolen. However, later 3Commas released a blog that termed the info as “False Rumors of API Leaks or Exposure of our Database.”
The platform’s CEO noted that many of their investors were phished. Most of those who suffered the attack shared their details with the exploiter.
Sorokin mentioned that their side of the investors’ accounts is safe. They mentioned that the accusations about leaking are circulated by competitors. However, other information from the network conflicted with the CEO’s statement. The network’s Deputy Chief Technology Officer Artem Kolsov seemingly walked back from their earlier statement that investors were phished. He noted that “nothing can be told for sure.” This means that 3Commas is not sure of the actual root of the attack.Â
Investors can’t find any evidence of phishing
However, the customers note that they have no 3Commas phishing sites on their browsers. One user mentioned that they use a fast API service. If that’s the case, then the user cannot be phished. As such, there are still more questions than answers, and only 3Commas can explain the situation.