Automated crypto trading bot provider 3Commas quelled rumours of an alleged security breach hours after putting its users on high alert following the incident.
On Friday, the firm disclosed that, following tips from various users, it had identified several API keys being used to conduct unauthorized trades on the DMG cryptocurrency trading pairs on FTX. It was also informed that the activity, which appeared to be a “3rd party phishing or hacking attack of some sort”, affected traders who had never used 3Commas.
According to the firm, the hackers tried to reach its users through several fake 3Commas web interfaces designed to capture API keys from 3Commas users who tried to connect their FTX exchange accounts. The fake websites stored the API keys, which were later used to place the unauthorized trades on the DMG trading pairs on FTX. As a precaution, FTX and 3Commas had earmarked accounts with suspicious activity and disabled the API keys that may have been compromised.
However, upon conducting a joint investigation with FTX, the firm found that “the API keys were not taken from 3Commas but from outside of the 3Commas platform”, which meant that the breach did not affect either 3Commas account security databases or API keys.
“The theft occurred outside of the 3Commas system, via what was likely a phishing attack conducted on inauthentic websites mocked up to resemble the 3Commas interface,” the firm wrote in a Sunday update. “There have been no breaches of either 3Commas’ account security and API encryption systems, nor the account security and API encryption systems of our partner exchanges.”
The firm, however, noted that only three users had been affected by the phishing. While 3Commas has yet to disclose how much the victims lost, an October 24th update by Sam Bankman-Fried, CEO of crypto exchange FTX, suggests the figure is roughly $6 million in total.
According to Bankman-Fried, although company policy is for users to bear their own losses in phishing cases, FTX had decided to compensate the three victims in this particular case. “We can’t compensate for users getting phished by fake versions of other companies in the space! But in this particular case, we will compensate the affected users. THIS IS A ONE-TIME THING AND WE WILL NOT DO THIS GOING FORWARD. THIS IS NOT A PRECEDENT. We will not be making a habit of compensating for users getting phished by fake versions of other companies,” Bankman-Fried tweeted Monday.
Yuri Sorokin, Co-founder and CEO of 3Commas, also urged users to stay vigilant, outlining a list of security protocols that users should review to reduce the odds of falling victim to phishing attacks.