3Commas denies staff members stole API keys

Published at: Dec. 11, 2022

Crypto trading firm 3Commas denied that its employees stole users' API keys, claiming that the screenshots circulating on social media are fake, and urged affected users to file a police report in order to stop withdrawals on exchanges.

In a blog post published on Dec. 11, 3Commas co-founder and CEO Yuriy Sorokin said that fake screenshots of Cloudflare logs are circulating on Twitter and YouTube "in an attempt to convince people that there was a vulnerability within 3Commas and that we were irresponsible enough to allow open access to user data and log files." The alleged screenshots purport to show how customers' API keys were exposed in the 3Commas dashboard on Cloudflare.

A second blog post by Sorokin, from Dec. 10, encourages affected users to file a police report in order to get accounts frozen on exchanges. "The faster this is done, the faster exchanges can freeze the accounts of the perpetrators to stop funds from being withdrawn and increase the likelihood that some, or all, of the funds may be returned to victims."

As the majority of crypto exchanges follow Know Your Customer (KYC) standards, users are required to provide identity details to trade or withdraw funds. If affected users provided a police report, exchanges would be able to share this information with investigators, the company noted.

As reported by Cointelegraph, a crypto trader by the name of CoinMamba on Twitter had his account closed on Binance's platform after he complained about lost funds. The leaked API key is tied to a 3Commas account. Both companies, Binance and 3Commas, deny any responsibility for the incident.

3Commas claims to have identified evidence of phishing attacks as a "contributory factor" in the thefts. According to the company, the phishing attacks started in October, with bad actors trying different phishing techniques. Sorokin stated:

"Also, we have hard evidence that phishing was at least in some part a contributory factor; we published a blog article here showing many fake 3Commas websites that were created and some are still live on the internet, despite our best efforts to have them taken down."

Exchange API connections older than 90 days are being disabled by the company.
