Threat Management, Cloud Security
Massive API theft confirmed by crypto trading platform 3Commas
BleepingComputer reports that cryptocurrency trading platform 3Commas has been impacted by a massive API key leak, with an anonymous Twitter user exposing 10% of the 100,000 API keys it claims to have stolen from the platform.
3Commas has confirmed that valid API keys have been shared by the Twitter user and urged Coinbase, Binance, Kucoin, and other supported exchanges to revoke 3Commas-linked keys. Meanwhile, users have been called to reissue keys on linked exchanges.
"Only a small number of technical employees had access to the infrastructure, and we have taken steps since Nov. 19 to remove their access. Since then, we have implemented new security measures, and we will not stop there; we are launching a full investigation in which law enforcement will be involved," said 3Commas.
Prior to the confirmation, 3Commas has denied being impacted by a breach despite reports of unauthorized transactions in the platform in October and reports of nearly $6 million in cryptocurrency losses among account holders last month.
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds