Colin Wu, a blockchain reporter, stated on Twitter that a new crypto scam, dubbed ‘Contra Trading,’ has entered the crypto sector. According to Wu, an FTX customer using the 3commas API said, he noticed his account was trading the DMG token over 5,000 times.
FTX User Affected by New Crypto Scam
In recent years, FTX has been the largest rising crypto exchange, with a massive rise in trading activity and the expansion of their partner network, 3commas.
Unfortunately, it appears a recent scam has hit the crypto exchange and reports alleged that 3commas API is to blame for the mishap.
On October 21st, Colin Wu tweeted that a new scam has entered the crypto industry and is making waves. According to Wu, an affected user has raised the alarm on the issue. On October 19th, a customer with an FTX account with 3commas API noticed an abnormal trade on his account.
His account was trading the DMG token over 5,000 times. This incident resulted in the theft of ETH, BTC, FTT, etc., worth over $1.6 million.
Meanwhile, the report stated that FTX has responded to the issue. According to FTX, the user’s API key was leaked, which led to the orchestration of such a crime.
In addition, the cryptocurrency exchange stated that incidents of such nature were not unique occurrences. Nevertheless, 3commas maintains that its security was not breached and there was no leak.
3Commas Says User’s API Keys May Have Been Phished
In a blog post, the platform said its team was informed of a security breach where some FTX API keys linked to 3Commas were used to conduct unauthorized DMG trades.
According to the post, the 3Commas investigated the situation in partnership with FTX. The results revealed that some API keys were connected to newly created 3Commas accounts.
These accounts were used to carry out unauthorized DMG trades on the FTX exchange. Meanwhile, 3commas revealed the API keys were taken outside its platform. The post said:
“No FTX or 3Commas account security encryption or data were compromised.”
On further investigation, 3Commas uncovered several fake websites similar to 3Commas. These websites must have been used to “phish” users, and tt o capture their API keys. Besides, the websites were identical to 3Commas and had the same interface.
Hence, customers must have opened these fake websites and entered their details to connect their accounts. The fake website then stored the API keys and used them to conduct unauthorized trades.
The API keys were then stored by the fake website and later used to place the unauthorized trades on the DMG trading pairs on FTX.
In addition, 3Commas suspected that malware or third-party browser extensions must have been used to conduct the attack due to its scale. Hence, 3Commas and FTX have identified accounts that may have been compromised and disabled their API keys.
Therefore, users whose FTX accounts are linked to 3Commas and see an “invalid API” or “API needs updating” notice should know their API details may have been compromised. 3commas urged such users to open another API key on FTX and then link with 3Commas.
Meanwhile, the platform advises users always to safeguard their accounts using 2FA (2-Factor Authentication). Also, users were advised not to share their API keys or passwords with any platform or cloud services and to perform antivirus scans on their gadgets consistently.
Lastly, 3Commas advised users to always go through the platform’s website instead of using search engines.